An Airline Brought To A Standstill By Ransomware

Hundreds of people were stranded at airports across India after the SpiceJet airline reported that it was hit with a ransomware attack. India’s SpiceJet airline, was forced to delay numerous flights on Wednesday 25th May after being hit by a ransomware attack that occurred the previous day. 

The company released a post to Twitter confirming that its operations had been impacted by the cyber security incident. 

Several flights were delayed on Wednesday 25th May, with passengers complaining about lack of service.
Many tweeted photographs and videos saying that they had been waiting for hours after boarding, without any response from the airline.“Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today,” the BBC wrote on Twitter on Wednesday 25th. 
“Our IT team has contained and rectified the situation and flights are operating normally now.”

On Thursday 26th, morning flight departures were still suffering from the effects of the cyber attack, although SpiceJet reported that the situation had been contained and rectified by its IT team. Some users took to social media to complain about the flight delays, however, the consequences of the ransomware attack could have been far worse.

Cyber security researchers stated that if the systems had been fully breached, more severe implications could have occurred such as system wide outages, exposed data, and reputation damage. 

SpiceJet is a low-cost airline and the second-largest in India based on the number of domestic passengers it carries, about 12 million a month. Based in Delhi and Hyderabad, the airline typically has about 630 flights per day and operates in 54 Indian cities as well as 15 other locations internationally. 

SpiceJet was involved in a previous cyber security incident in which the personal information over one million customers was exposed in 2020. Researchers also believe that companies should be able to respond to threats in real time to severely limit the consequences of these attacks.

SpiceJet is not alone among airlines when it comes to being slowed down by ransomware. Bangkok Airways was hit by a LockBit attack in August 2021, resulting in over 100GB of data being disclosed when the airline chose not to pay the ransom. 

SoiceJet:     IQStock:    Oodaloop:     Infosecurity Magazine:   BBC:     The Record:     The Register:   

You Might Also Read: 

Multiple Airlines Hit By Supply Chain Attack:

 

 

« Energy Companies Unready For Lethal Cyber Attacks
Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Juniper Networks

Juniper Networks

Juniper Networks is the industry leader in network innovation. We provide network infrastructure and network security solutions.

Checkmarx

Checkmarx

Checkmarx provides state-of-the-art application security solutions with static code analysis software.

Qualitest Group

Qualitest Group

Qualitest is the world’s largest pure play Quality Assurance and software testing company.

Kroll

Kroll

Protect data, people, reputation and the bottom line with end-to-end cyber security solutions from Kroll, a division of Duff & Phelps.

FarrPoint

FarrPoint

FarrPoint is a specialist telecoms consultancy providing a range of services including cyber security assessments and technical assurance to safeguard your data.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

Corelight

Corelight

Corelight is the most powerful network visibility solution for information security professionals.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Turkish Accreditation Agency (TURKAK)

Turkish Accreditation Agency (TURKAK)

TURKAK is the national accreditation body for Turkey. The directory of members provides details of organisations offering certification services for ISO 27001.

OpenZeppelin

OpenZeppelin

OpenZeppelin builds developer tools and performs security audits for distributed systems that power multimillion-dollar economies.

Olympus Sky

Olympus Sky

Olympus Sky has created a complete security system that is specifically designed to meet the challenges of IoT, including all of the deficiencies currently challenging Public Key Infrastructure.

SAIFE

SAIFE

SAIFE has adapted a Software Defined Perimeter approach and paired it with a Zero Trust model that defines access by the user, their device, and where they are located.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

eCentre@LindenPointe

eCentre@LindenPointe

The eCenter@LindenPointe provides assistance to the development, management and promotion of STEM (Science, Technology, Engineering, Mathematics) related business ventures.

Zigrin Security

Zigrin Security

Zigrin Security offer comprehensive, hands-on security testing of internal networks, applications, cloud-based solutions, e-commerce applications and mobile devices.