An Airline Brought To A Standstill By Ransomware

Uploaded on 2022-05-31 in FREE TO VIEW, BUSINESS-Services-Transport & Travel

Hundreds of people were stranded at airports across India after the SpiceJet airline reported that it was hit with a ransomware attack. India’s SpiceJet airline, was forced to delay numerous flights on Wednesday 25th May after being hit by a ransomware attack that occurred the previous day. 

The company released a post to Twitter confirming that its operations had been impacted by the cyber security incident. 

Several flights were delayed on Wednesday 25th May, with passengers complaining about lack of service.
Many tweeted photographs and videos saying that they had been waiting for hours after boarding, without any response from the airline.“Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today,” the BBC wrote on Twitter on Wednesday 25th. 
“Our IT team has contained and rectified the situation and flights are operating normally now.”

On Thursday 26th, morning flight departures were still suffering from the effects of the cyber attack, although SpiceJet reported that the situation had been contained and rectified by its IT team. Some users took to social media to complain about the flight delays, however, the consequences of the ransomware attack could have been far worse.

Cyber security researchers stated that if the systems had been fully breached, more severe implications could have occurred such as system wide outages, exposed data, and reputation damage. 

SpiceJet is a low-cost airline and the second-largest in India based on the number of domestic passengers it carries, about 12 million a month. Based in Delhi and Hyderabad, the airline typically has about 630 flights per day and operates in 54 Indian cities as well as 15 other locations internationally. 

SpiceJet was involved in a previous cyber security incident in which the personal information over one million customers was exposed in 2020. Researchers also believe that companies should be able to respond to threats in real time to severely limit the consequences of these attacks.

SpiceJet is not alone among airlines when it comes to being slowed down by ransomware. Bangkok Airways was hit by a LockBit attack in August 2021, resulting in over 100GB of data being disclosed when the airline chose not to pay the ransom. 

SoiceJet:     IQStock:    Oodaloop:     Infosecurity Magazine:   BBC:     The Record:     The Register:   

You Might Also Read: 

Multiple Airlines Hit By Supply Chain Attack:

 

 

« Energy Companies Unready For Lethal Cyber Attacks
Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

Australian Signals Directorate (ASD)

Australian Signals Directorate (ASD)

The Australian Signals Directorate is an intelligence agency in the Australian Government Department of Defence.

AET Europe

AET Europe

AET Europe is specialised in creating technological solutions for user identification and authentication.

SafeBreach

SafeBreach

SafeBreach's platform simulates hacker breach methods across the entire kill chain to identify breach scenarios in your environment before an attacker does.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

Fraud.com

Fraud.com

Fraud.com ensures trust at every step of the customer's digital journey; this complete end-to-end protection delivers unified identity, authentication and fraud detection and prevention.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

ADGS

ADGS

ADGS is a deeptech company focused in the fields of Agent-Based simulations (Emergent Behavior), Cybersecurity and Biometrics, Social Dynamics, Natural Language Processing and Artificial Intelligence.

NANDoff Data Recovery

NANDoff Data Recovery

NANDoff is a flat rate data recovery service. We serve the electronics industry around the globe 24/7.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

Punk Security

Punk Security

Punk Security are specialists in integrating security into DevOps pipelines, enabling rapid and secure development.

Bright Data

Bright Data

Bright Data Inc is the world’s #1 web data platform, enabling organizations to research, monitor, analyze data, and make better decisions.

Cylab - Carnegie Mellon University

Cylab - Carnegie Mellon University

Carnegie Mellon University CyLab is the University's security and privacy research institute.

RST Cloud

RST Cloud

RST Cloud is a cutting-edge technology company that specialises in threat intelligence solutions for businesses of all sizes.