An Airline Brought To A Standstill By Ransomware

Uploaded on 2022-05-31 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hundreds of people were stranded at airports across India after the SpiceJet airline reported that it was hit with a ransomware attack. India’s SpiceJet airline, was forced to delay numerous flights on Wednesday 25th May after being hit by a ransomware attack that occurred the previous day. 

The company released a post to Twitter confirming that its operations had been impacted by the cyber security incident. 

Several flights were delayed on Wednesday 25th May, with passengers complaining about lack of service.
Many tweeted photographs and videos saying that they had been waiting for hours after boarding, without any response from the airline.“Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today,” the BBC wrote on Twitter on Wednesday 25th. 
“Our IT team has contained and rectified the situation and flights are operating normally now.”

On Thursday 26th, morning flight departures were still suffering from the effects of the cyber attack, although SpiceJet reported that the situation had been contained and rectified by its IT team. Some users took to social media to complain about the flight delays, however, the consequences of the ransomware attack could have been far worse.

Cyber security researchers stated that if the systems had been fully breached, more severe implications could have occurred such as system wide outages, exposed data, and reputation damage. 

SpiceJet is a low-cost airline and the second-largest in India based on the number of domestic passengers it carries, about 12 million a month. Based in Delhi and Hyderabad, the airline typically has about 630 flights per day and operates in 54 Indian cities as well as 15 other locations internationally. 

SpiceJet was involved in a previous cyber security incident in which the personal information over one million customers was exposed in 2020. Researchers also believe that companies should be able to respond to threats in real time to severely limit the consequences of these attacks.

SpiceJet is not alone among airlines when it comes to being slowed down by ransomware. Bangkok Airways was hit by a LockBit attack in August 2021, resulting in over 100GB of data being disclosed when the airline chose not to pay the ransom. 

SoiceJet:     IQStock:    Oodaloop:     Infosecurity Magazine:   BBC:     The Record:     The Register:   

You Might Also Read: 

Multiple Airlines Hit By Supply Chain Attack:

 

 

« Energy Companies Unready For Lethal Cyber Attacks
Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Akin Gump Strauss Hauer & Feld

Akin Gump Strauss Hauer & Feld

Akin is a leading global law firm providing innovative legal services and business solutions to individuals and institutions. Practice areas include Cybersecurity, Privacy and Data Protection.

Kualitatem

Kualitatem

Kualitatem Inc. is an independent software testing and information systems auditing company

Cyberia Group

Cyberia Group

Cyberia is a leading Internet and Security services provider with operations in Saudi Arabia, Lebanon and Jordan.

Quaynote Communications

Quaynote Communications

Quaynote Communications is a specialist conference and communications company focused primarily on the maritime, yachting, aviation and security industries.

Crashtest Security

Crashtest Security

Crashtest Security is a cyber security company that helps digital companies to continuously create secure software with the help of automated vulnerability assessments.

Asia Data Destruction (ADD)

Asia Data Destruction (ADD)

ADD is the leading IT Assets Disposal and Data Destruction Company in Thailand.

Ergo

Ergo

Ergo is a world-class IT Partner of choice, leveraging the latest technology available in cloud, mobility, big data, analytics, and social media.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

Truly Secure

Truly Secure

Truly Secure is an IT Service Provider that ensures greater efficiency and security within a company's technological environment.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

Security Discovery

Security Discovery

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform.

Invictus International Consulting

Invictus International Consulting

Invictus International Consulting are a recognized leader in full-spectrum cyber technology solutions designed to protect the security of our nation's global defense and critical infrastructure.

StealthMole

StealthMole

StealthMole is a deep and dark web threat intelligence company that delivers a cloud-based, unified platform for digital investigation, risk assessment, and threat monitoring.