An Airline Brought To A Standstill By Ransomware

Uploaded on 2022-05-31 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hundreds of people were stranded at airports across India after the SpiceJet airline reported that it was hit with a ransomware attack. India’s SpiceJet airline, was forced to delay numerous flights on Wednesday 25th May after being hit by a ransomware attack that occurred the previous day. 

The company released a post to Twitter confirming that its operations had been impacted by the cyber security incident. 

Several flights were delayed on Wednesday 25th May, with passengers complaining about lack of service.
Many tweeted photographs and videos saying that they had been waiting for hours after boarding, without any response from the airline.“Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today,” the BBC wrote on Twitter on Wednesday 25th. 
“Our IT team has contained and rectified the situation and flights are operating normally now.”

On Thursday 26th, morning flight departures were still suffering from the effects of the cyber attack, although SpiceJet reported that the situation had been contained and rectified by its IT team. Some users took to social media to complain about the flight delays, however, the consequences of the ransomware attack could have been far worse.

Cyber security researchers stated that if the systems had been fully breached, more severe implications could have occurred such as system wide outages, exposed data, and reputation damage. 

SpiceJet is a low-cost airline and the second-largest in India based on the number of domestic passengers it carries, about 12 million a month. Based in Delhi and Hyderabad, the airline typically has about 630 flights per day and operates in 54 Indian cities as well as 15 other locations internationally. 

SpiceJet was involved in a previous cyber security incident in which the personal information over one million customers was exposed in 2020. Researchers also believe that companies should be able to respond to threats in real time to severely limit the consequences of these attacks.

SpiceJet is not alone among airlines when it comes to being slowed down by ransomware. Bangkok Airways was hit by a LockBit attack in August 2021, resulting in over 100GB of data being disclosed when the airline chose not to pay the ransom. 

SoiceJet:     IQStock:    Oodaloop:     Infosecurity Magazine:   BBC:     The Record:     The Register:   

You Might Also Read: 

Multiple Airlines Hit By Supply Chain Attack:

 

 

« Energy Companies Unready For Lethal Cyber Attacks
Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TestFort

TestFort

TestFort QA Lab is a specialized software testing company offering independent quality assurance and software testing services.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Military Cyber Professionals Association (MCPA)

Military Cyber Professionals Association (MCPA)

MCPA are a team of Soldiers, Sailors, Airmen, Marines, Veterans and others interested in the development of the American military cyber profession.

Quorum Cyber

Quorum Cyber

Quorum Cyber offer end-to-end cyber security solutions, specialising in Managed Security Services, Consulting and Resourcing.

Boldon James

Boldon James

Boldon James are market leaders in data classification and secure messaging software.

Cryptsoft

Cryptsoft

Cryptsoft provides key management and security software development toolkits based around open standards such as OASIS KMIP and PKCS#11.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

QuSecure

QuSecure

QuSecure provides a software-driven security architecture that overlays your current infrastructure and provides next-generation security to protect your entire network from quantum threats.

Stripe OLT

Stripe OLT

At Stripe OLT, we provide complete business technology solutions - Our team has an unrivalled reputation as a Microsoft Gold Partner, specialising in secure, cloud-first technology.

HACKNER Security Intelligence

HACKNER Security Intelligence

HACKNER Security Intelligence is an independent security consultancy delivering comprehensive security assessments across IT security, physical security, and social engineering.

ANY.RUN

ANY.RUN

ANY.RUN is an interactive online malware analysis service created for dynamic as well as static research of multiple types of cyber threats.

Axient

Axient

Axient advances defense and civilian missions from aerospace to cyberspace with multi-domain test and analysis, mission engineering and operations, and advanced technologies.

Rootly

Rootly

Rootly is an incident management platform on Slack that helps automate manual admin work during incidents.

CyTwist

CyTwist

CyTwist is an early warning attack detection platform that complement your existing security suite and provides your security teams with unique detection capabilities of stealth targeted attacks.

DYOPATH

DYOPATH

At DYOPATH we work with the single purpose of helping our clients combat the ongoing increase of cyber threats, the growth in more complex IT environments, and ever-increasing human capital shortages.