Latest news with #CyberPartisans
Malay Mail
2 days ago
- Politics
- Malay Mail
‘Complete compromise': Ukraine, Belarus hackers claim responsibility for cyberattack on Aeroflot
MOSCOW, July 29 — Ukrainian and Belarusian hacker groups claimed responsibility Monday for a cyberattack on Russia's national airline Aeroflot that has grounded dozens of flights. Travel disruptions have become common in Russia since the Ukraine conflict began, often due to Ukrainian drones cutting through airspace, but this is the first time a cyberattack has caused such a blockage. Russia's state prosecutor's office said it had opened a criminal investigation after flights were disrupted at Moscow's main Sheremetyevo airport, Aeroflot's home base, calling it a 'a hacking attack'. Aeroflot referred only to a 'breakdown in the IT system,' saying at least 64 flights were grounded on Monday and cancelling 14 more for Tuesday. 'We've already arrived at the airport and found out that the flight has been cancelled,' Mikhail, a passenger waiting at Sheremetyevo, told AFP. 'This is not the first flight cancelled in July for us,' he said. 'It's sad, it's impossible to plan business trips.' The Ukrainian hacking group Silent Crow and the Belarusian group Cyber Partisans claimed responsibility for the attack. 'We announce the successful completion of a long-term and large-scale operation that resulted in the complete compromise and destruction of the internal IT infrastructure of Aeroflot,' they said in a joint statement. The attack was made possible by lax security, Cyber Partisans said in a separate statement, claiming that Aeroflot's CEO Sergei Alexandrovsky had not changed his password since 2022. They said the company was also using outdated software such as the 'Windows XP and Windows 2003' operating systems. The hackers hinted they would publish the personal data of all Russians who had flown with Aeroflot. Russia's cybersecurity watchdog Roskomnadzor did not confirm the data leak, state news agency RIA Novosti reported. Aeroflot said that it was 'working to restore normal operation as quickly as possible,' adding that most of its flights were operating according to schedule. The Kremlin said it was alarmed by the incident. 'We will, of course, clarify the information and wait for an appropriate explanation,' spokesman Dmitry Peskov told reporters. Ukraine and its allies have long accused Russia of state-backed cyberwarfare, disrupting government and private IT systems around the world and damaging critical infrastructure. The European anti-crime body Europol said this month that it had dismantled a pro-Russian hacking group accused of launching thousands of online attacks against Ukraine and its allies. — AFP
The Independent
2 days ago
- Politics
- The Independent
Hackers confirm year-long infiltration of Russia's national airline
Russia 's national airline Aeroflot was forced to cancel numerous flights after a significant cyber attack disrupted its computer systems. Hacking groups Silent Crow and Cyber Partisans claimed responsibility, stating they had compromised and destroyed Aeroflot's internal IT infrastructure. Silent Crow alleged a year-long infiltration led to the theft of 20 terabytes of data and the destruction of 7,000 servers. Silent Crow, positioning itself as a pro-Ukraine hacktivist group, has previously claimed responsibility for attacks on Russian targets, including Rosreestr and Rostelecom. The Kremlin described the incident as "worrying," prompting a criminal investigation and calls from a senior lawmaker for stronger cyber defences.
Reuters
2 days ago
- Politics
- Reuters
'Partisans' who paralyzed Russian airports have track record of disruptive hacks
WASHINGTON, July 28 (Reuters) - One of the groups claiming responsibility for the digital sabotage at Aeroflot, Russia's flagship airline, has a track record of disruptive hacks. The Belarusian Cyber Partisans – a long-established group sworn to overthrow Belarusian President Alexander Lukashenko – joined with a more obscure group known as Silent Crow to claim responsibility for the crippling intrusion at Aeroflot that canceled dozens of flights on Monday and led to travel disruptions across Russia. First emerging in 2020 in the wake of mass demonstrations against Lukashenko's reelection, the Cyber Partisans have claimed responsibility for a series of eye-catching hacks, including the defacement of Belarusian state media sites, repeated thefts of law enforcement data, and a 2022 attack against Belarusian Railway that they said had interfered with freight travel. Last year, the group claimed repeated attacks on fertilizer complex Grodno Azot, where they said they had tampered with the operations of the plant's boiler. Reuters has not been able to independently authenticate all the group's claims or measure its disruptive impact, but the data stolen by the hackers has in the past been cross-checked and validated by groups such as Bellingcat, the open source investigators. Yuliana Shemetovets, a spokesperson for the Cyber Partisans, told Reuters on Monday that she operates from the United States and said the group consisted of around 30 core members, mostly operating from outside of Belarus. Silent Crow has a lower profile. It has claimed responsibility for attacks this year on a Russian real estate database, a state telecoms company, a large insurance firm, the Moscow government's IT department, and the Russian office of South Korean carmaker KIA. Russian cybersecurity firm has been tracking Silent Crow as a politically motivated group, active since mid-2022, with potential links to multiple pro-Ukrainian hacker groups, according to an entry in public database. Ukraine and Russia have been at war since Russia invaded in February 2022. Reuters was unable to immediately contact Silent Crow and did not immediately return a request seeking comment. Members of the Belarusian Cyber Partisans may also have pro-Ukraine ties. In June, researchers with Russian anti-virus firm Kaspersky said they had identified a suspected member of the group, opens new tab active in a Telegram group devoted to the "IT Army of Ukraine," a group of pro-Ukrainian hackers backed by the government in Kyiv. Shemetovets told Reuters that there was no collaboration between the Cyber Partisans and any state security or intelligence services as part of the attack on Aeroflot. Andrii Baranovych, a fixture of the Ukrainian hacker scene, said independent groups often hand stolen data over to Ukraine's intelligence service but that as far as he was aware there was no state backing for the attack on Aeroflot.
ABC News
2 days ago
- Business
- ABC News
Pro-Ukraine hackers launch massive cyber attack on Russia's Aeroflot airline, forcing dozens of delays
Russia's national airline Aeroflot has been forced to cancel dozens of flights, disrupting travel across the world's biggest country, after two pro-Ukraine hacking groups claimed to have inflicted a crippling cyber attack on the carrier. The Kremlin said on Monday that the situation was worrying, and Russian politicians have called it a wake-up call for the country. Prosecutors also confirmed the disruption was caused by a hack and opened a criminal investigation, while senior politician Anton Gorelkin said Russia was under digital attack. "I do not rule out that the 'hacktivists' who claimed responsibility for the incident are in the service of unfriendly states." Another member of parliament, Anton Nemkin, said investigators must identify not only the attackers but "those who allowed systemic failures in protection". Aeroflot did not say how long the problems would take to resolve, but departure boards at Moscow's Sheremetyevo Airport turned red as flights were cancelled at a time when many Russians take their holidays. The company's shares were down by 3.9 per cent on Monday, underperforming the wider market, which was 1.4 per cent lower. A statement purporting to be from a hacking group called Silent Crow said it had carried out the operation together with Belarusian Cyber Partisans, a self-styled hacktivist group that opposes president Alexander Lukashenko and says it wants to liberate Belarus from dictatorship. "Glory to Ukraine! Long live Belarus!" said the statement using the Silent Crow name. Cyber Partisans said on its website: "We are helping Ukrainians in their fight with the occupier, carrying out a cyber strike on Aeroflot and paralysing the largest airline in Russia." There was no immediate comment from Ukraine. Silent Crow has previously claimed responsibility for attacks this year on a Russian real estate database, a state telecoms company, a large insurance firm, the Moscow government's IT department and the Russian office of South Korean car manufacturer KIA. Some of those incidents resulted in big data leaks. "The information that we are reading in the public domain is quite alarming. The hacker threat is a threat that remains for all large companies providing services to the population," Kremlin spokesperson Dmitry Peskov said. Aeroflot said it had cancelled more than 40 flights — mostly within Russia but also including routes to the Belarusian capital Minsk and the Armenian capital Yerevan — after reporting a failure in its information systems. An online departure board for Sheremetyevo airport also showed dozens of others were delayed. "Specialists are currently working to minimise the impact on the flight schedule and to restore normal service operations," Aeroflot said. The statements from Silent Crow and Belarusian Cyber Partisans said the cyber attack was the result of a year-long operation which had deeply penetrated Aeroflot's network, destroyed 7,000 servers and gained control over the personal computers of employees, including senior managers. They published screenshots of file directories purportedly from inside Aeroflot's network and threatened to soon start releasing "the personal data of all Russians who have ever flown Aeroflot", as well as intercepted conversations and emails of Aeroflot staff. Since Moscow launched its war in Ukraine in February 2022, travellers in Russia have become used to flight disruptions, usually caused by temporary airport closures during drone attacks. Russian companies and government websites have been subjected to sporadic hacking attacks, but Monday's incident was potentially the most damaging because of the widespread disruption and the high profile of Aeroflot. Former Aeroflot pilot and aviation expert Andrei Litvinov told Reuters: "This is a serious disaster. Okay, flight delays — you can survive that. But these are losses, huge losses for a state-owned company." Passengers vented their anger on social network VK, complaining about a lack of clear information from the airline. One traveller, Malena Ashi wrote: "I've been sitting at Volgograd airport since 3:30!!!!! The flight has been rescheduled for the third time!!!!!! This time it was rescheduled for approximately 14:50, and it was supposed to depart at 5:00!!!" Another woman, Yulia Pakhota, said: "The call centre is unavailable, the website is unavailable, the app is unavailable. "How can I return a ticket or exchange it for the next flight, as Aeroflot suggests?" Aeroflot said affected passengers could get a refund or re-book as soon as its systems were back and it was trying to get some passengers seats on other airlines. Despite Western sanctions on Russia that have drastically limited travel and routes, Aeroflot remains among the top 20 airlines worldwide by passenger numbers, which last year hit 55.3 million people, according to its website. Reuters
The Guardian
2 days ago
- Politics
- The Guardian
Russia's Aeroflot cancels flights after pro-Ukraine hackers claim cyber-attack
The Russian airline Aeroflot was forced to cancel dozens of flights on Monday after a shadowy pro-Ukraine hacking group claimed responsibility for what it said was a crippling cyber-attack. The national carrier did not provide further details about the cause of the problem or how long it would take to resolve, but departure boards at Moscow's Sheremetyevo airport turned red as flights were cancelled at a time when many Russians take their holidays. The Kremlin said the situation was worrying, and prosecutors confirmed the airline's problems were the result of a hack and opened a criminal investigation. A statement purporting to be from a hacking group called Silent Crow said it had carried out the operation with a Belarusian group called Cyber Partisans, and linked it to the war in Ukraine. 'Glory to Ukraine! Long live Belarus!' said the statement, whose authenticity Reuters could not immediately verify. Silent Crow has previously claimed responsibility for attacks this year on a Russian real estate database, a state telecoms company, a large insurer, the Moscow government's IT department and the Russian office of the South Korean carmaker Kia. Some of these resulted in big data leaks. 'The information that we are reading in the public domain is quite alarming. The hacker threat is a threat that remains for all large companies providing services to the population,' the Kremlin spokesperson, Dmitry Peskov, said. 'We will, of course, clarify the information and wait for appropriate clarifications.' Aeroflot, the transport ministry and the aviation regulator did not immediately respond to requests for comment on the hacking claim. The airline said it had cancelled more than 50 flights – mostly within Russia but also including routes to the Belarusian capital, Minsk, and the Armenian capital, Yerevan – after reporting a failure in its information systems. At least 10 other flights were delayed. 'Specialists are currently working to minimise the impact on the flight schedule and to restore normal service operations,' it said. The statement in the name of Silent Crow said the cyber-attack was the result of a year-long operation that had deeply penetrated Aeroflot's network, destroyed 7,000 servers and gained control over the personal computers of employers including senior managers. It did not provide evidence. It threatened to shortly start releasing 'the personal data of all Russians who have ever flown Aeroflot'. Sign up to Business Today Get set for the working day – we'll point you to all the business news and analysis you need every morning after newsletter promotion Since Russia launched its war in Ukraine in February 2022, travellers in Russia have become accustomed to flight disruptions. However, those delays have usually been caused by temporary airport closures during drone attacks. Irate passengers vented their anger on the social network VK, complaining of a lack of clear information from the airline. Malena Ashi wrote: 'I've been sitting at the Volgograd airport since 3:30!!!!! The flight has been rescheduled for the third time!!!!!! This time it was rescheduled for approximately 14:50, and it was supposed to depart at 5:00!!!' Another traveller, Yulia Pakhota, posted: 'The call centre is unavailable, the website is unavailable, the app is unavailable. How can I return a ticket or exchange it for the next flight, as Aeroflot suggests?' Aeroflot said affected passengers could get a refund or rebook within 10 days. Despite western sanctions imposed on Russia that have drastically limited travel and routes, Aeroflot remains among the top 20 airlines worldwide by passenger numbers, which last year hit 55.3 million people, according to its website.
