A Middle East Airlines plane on the tarmac of the Beirut airport, Aug. 10, 2022. (Credit: Roy Issa/AFP)
BEIRUT — Caretaker Lebanese Transport and Public Works Minister Ali Hamieh dismissed on Monday, following a cyberattack targeting screens at the Beirut airport, any suggestion that the incident was due to "negligence." He said an investigation is underway to determine whether the breach was "internal or external."
On Sunday evening, a message addressed to Hezbollah and its secretary-general, Hassan Nasrallah, appeared on the information screens at the airport. A source at Middle East Airlines, the national airline, informed L'Orient-Le Jour that the Flight Information Display System (FIDS), which displays flight information at the airport, had been hacked. The attack also caused a malfunction in the system used for baggage inspection.
"Today [Monday], the airport is operating normally … and there are no issues regarding flights," Hamieh said at a press conference. He specified that since the previous day's hacking, which forced the administration to shut down all screens in the building, 70 percent of the screens had been restored.
"We are a public administration, and we need to focus on cybersecurity," he added, asserting that this incident was not related to any "negligence."
"Damage has been caused, but we are working to repair it," emphasized the minister, who also mentioned cutting off the internet "as a preventive measure" and "to limit the damage."
Hamieh indicated that he did not yet know the exact nature of the cyberattack. "We will have an answer within a few days to determine if it was an internal or external breach," he said. "Today, our challenge is to implement preventive measures and ensure their funding to prevent this incident from recurring," he added.
Mikati reacts
Meanwhile, caretaker Prime Minister Najib Mikati stated that "the investigation into this matter is not yet complete."
"Specialized officers are handling this case," he added in an interview with Al-Hurra TV.
"In the context of the global technological war, it is possible that this is a cyberattack, but the important thing is to reveal all the details and return to a normal situation," Mikati further stated. "This matter is being handled by the Minister of Labor, and I am in contact with him," he continued.
"An attack does not mean that security is not assured. The airport security service is doing its job in cooperation with all concerned parties," Mikati concluded.
Civil Aviation Director-General Fadi al-Hassan said Monday afternoon that "despite the breakdown, the screens at the airport are now 100 percent back to normal. The baggage … issue is being addressed, and only baggage systems were affected, not scanners. [Hamieh] mobilized technicians to investigate the breach, and security agencies are now monitoring the situation, and manual bag inspections are ongoing. Flight schedules were unaffected, and only baggage claims faced delays. The breach's nature remains uncertain, but efforts aim to restore normalcy soon."
The incident on Sunday evening prompted some reactions in political circles. Opposition MP Waddah Sadek wrote on X that the hacking was due to "hiring based on political affiliation, at the expense of skills and integrity." This clientelism "exploded the port" of Beirut on Aug. 4, 2020, and "threatens the complete collapse of the Beirut airport." On the other hand, Kataeb party MP Elias Hankach said that the cyberattack brings up the need for Lebanon to have "a second airport, the Hamat airport."
The latter was built in 1976, a year after the start of the civil war, in Hamat, in the Batroun region (North Lebanon) to accommodate civil and military flights. It was requisitioned by the Syrian army until 2005, when the Lebanese army regained control of it for use for its planes and helicopters.
During this hacking incident, travelers present at the Beirut airport could read the following message: "In the name of the Lord and the people, Beirut international airport is not the airport of Hezbollah or Iran. Hassan Nasrallah, you will have no more defenders if Lebanon is dragged into a war for which you will bear the responsibility and consequences. Hezbollah, we will not go to war on behalf of another. You blew up our port after bringing in weapons. Let the airport be liberated from the yoke of the mini-state." Images of the hacked screens were widely shared on social media.
Above the message, which refers to Hezbollah and its regional sponsor, the Islamic Republic of Iran, as well as the explosion at the port of Beirut on Aug. 4, 2020, were two logos. One was from the "Saheb al-Kalam" page, an unidentified group that criticizes Hezbollah extensively on social media, and the other from the "Jnoud al-Rab," the "Soldiers of God," an extremist Christian group in Beirut. Saheb al-Kalam shared photos of the hacked screens at the Beirut airport on the X network. In a video posted on the "Soldiers of God" Facebook page, two men denied any involvement of their group in the cyberattack on the airport, accusing the individuals behind the hacking of seeking to "cause dissension."
Hezbollah is regularly accused by its detractors of importing weapons through the airport, located in the southern part of Beirut.
