An Airline Brought To A Standstill By Ransomware

Hundreds of people were stranded at airports across India after the SpiceJet airline reported that it was hit with a ransomware attack. India’s SpiceJet airline, was forced to delay numerous flights on Wednesday 25th May after being hit by a ransomware attack that occurred the previous day. 

The company released a post to Twitter confirming that its operations had been impacted by the cyber security incident. 

Several flights were delayed on Wednesday 25th May, with passengers complaining about lack of service.
Many tweeted photographs and videos saying that they had been waiting for hours after boarding, without any response from the airline.“Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today,” the BBC wrote on Twitter on Wednesday 25th. 
“Our IT team has contained and rectified the situation and flights are operating normally now.”

On Thursday 26th, morning flight departures were still suffering from the effects of the cyber attack, although SpiceJet reported that the situation had been contained and rectified by its IT team. Some users took to social media to complain about the flight delays, however, the consequences of the ransomware attack could have been far worse.

Cyber security researchers stated that if the systems had been fully breached, more severe implications could have occurred such as system wide outages, exposed data, and reputation damage. 

SpiceJet is a low-cost airline and the second-largest in India based on the number of domestic passengers it carries, about 12 million a month. Based in Delhi and Hyderabad, the airline typically has about 630 flights per day and operates in 54 Indian cities as well as 15 other locations internationally. 

SpiceJet was involved in a previous cyber security incident in which the personal information over one million customers was exposed in 2020. Researchers also believe that companies should be able to respond to threats in real time to severely limit the consequences of these attacks.

SpiceJet is not alone among airlines when it comes to being slowed down by ransomware. Bangkok Airways was hit by a LockBit attack in August 2021, resulting in over 100GB of data being disclosed when the airline chose not to pay the ransom. 

SoiceJet:     IQStock:    Oodaloop:     Infosecurity Magazine:   BBC:     The Record:     The Register:   

You Might Also Read: 

Multiple Airlines Hit By Supply Chain Attack:

 

 

« Energy Companies Unready For Lethal Cyber Attacks
Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

Zymr

Zymr

Zymr specialize in cloud computing solutions including Cloud Security, Cloud Mobility, Cloud Apps, Cloud Infrastructure and Cloud Orchestration.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

macmon secure

macmon secure

macmon secure develops network security software, focussing on Network Access Control.

MythX

MythX

MythX is the premier security analysis service for Ethereum smart contracts.

CPP Group UK

CPP Group UK

CPP Group UK develops products to help insurers add further value to their products and services through its innovative suite of new products in FinTech, InsurTech and cyber security.

Sequretek

Sequretek

Sequretek was formed with the aim to “Simplify Security”. We envision a future where enterprise networks are streamlined, secure and simple.

Stratum Security

Stratum Security

Stratum Security is an information security consulting company that focuses on providing clear and concise risk guidance to its clients through high quality assessment services.

evolutionQ

evolutionQ

evolutionQ delivers quantum-risk management strategies and robust cybersecurity tools designed to be safe in an era with quantum computing technologies.

Timus Networks

Timus Networks

Timus Networks enables today's work from anywhere organizations to secure their networks very easily and cost effectively.

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators (IAFCI)

International Association of Financial Crimes Investigators provides services and information about financial fraud, fraud investigation and fraud prevention.

Northdoor

Northdoor

Northdoor provides a comprehensive set of services around information security and works with leading global technology vendors to deploy and manage cyber security solutions.

Telit Cinterion

Telit Cinterion

Telit Cinterion is a global enabler of the intelligent edge providing highly secure IoT solutions, modules and services.

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

Xeol

Xeol

Software free of vulnerabilities, built and distributed by trusted entities. Our mission is to help customers secure their software from code to deploy.