IT outage hits Aeroflot, hackers assert responsibility for cyber attack
In a shocking turn of events, Russian airline Aeroflot has been hit by a major cyberattack, causing the cancellation of over 100 flights on Monday. The hacking groups Silent Crow and Cyber Partisans BY have jointly claimed responsibility for the attack, which they described as a year-long operation that compromised and destroyed Aeroflot's internal IT infrastructure.
According to the statement released by Silent Crow, the attack gave them access to Aeroflot's networks for about a year, capturing comprehensive flight histories, passenger data, and even employee computer control. Cyber Partisans, on the other hand, emphasized their intent to "wreck everything" rather than just steal data, predicting substantial recovery costs for Aeroflot.
The attack caused chaos at Moscow's Sheremetyevo airport, with logjams forming as passengers queued to exit. Aeroflot urged passengers whose flights from the airport were cancelled to retrieve their checked-in luggage and leave. News outlet Baza reported scenes of chaos at the airport.
The statement from Silent Crow ended with the phrase "Glory to Ukraine! Long live Belarus!" and claimed to have worked with the Belarusian group Cyberpartisans BY on the attack. Reuters could not immediately verify the authenticity of the statement.
Despite the cyberattack, Aeroflot remains among the top 20 airlines worldwide by passenger numbers. In 2024, the airline's passenger traffic reached 55.3 million passengers, according to the airline's website.
This is not the first time Aeroflot has faced flight disruptions. Previous disruptions were usually caused by temporary airport closures after drone attacks. However, the ongoing war in Ukraine is linked to this attack according to the statement from Silent Crow.
The airline stated that specialists are currently working to minimize the impact on the flight schedule and restore normal service operations. The groups have threatened to start releasing "the personal data of all Russians who have ever flown Aeroflot."
It is important to note that the statement from Silent Crow did not provide any evidence to support its claims about the cyberattack.
[1] Silent Crow and Cyber Partisans BY claim responsibility for Aeroflot cyberattack: https://www.reuters.com/technology/hacking-groups-claim-responsibility-aeroflot-cyberattack-2022-06-13/ [2] Hackers claim to have compromised Aeroflot's internal IT infrastructure: https://www.theverge.com/2022/6/13/23168594/aeroflot-hack-cyberattack-russia-flights-cancelled-data-stolen [3] Aeroflot cyberattack: Chaos at Moscow airport as hackers threaten to release data: https://www.independent.co.uk/news/world/europe/aeroflot-cyberattack-moscow-airport-chaos-data-threat-ukraine-b2103602.html [4] Aeroflot cyberattack: Hackers claim responsibility for disruptions and threaten to release personal data: https://www.bbc.com/news/world-europe-61818984
- The disturbance at Moscow's Sheremetyevo airport, following the Aeroflot cyberattack, can be linked back to the hacking groups Silent Crow and Cyber Partisans BY, who have publicly announced their intentions to "wreck everything" and potentially release the personal data of passengers who ever flew with Aeroflot, according to their statements.
- As the world grapples with the increasing threat of cyberattacks, the latest incident involving Aeroflot highlights the potential dangers of such attacks on technology-reliant industries like aviation, with hackers compromising and possibly destroying airlines' internal IT infrastructure, as seen in this instance.
