Latest news with #Cyberpartisans
Forbes
3 days ago
- Politics
- Forbes
Russian Airline Aeroflot Hit By Cyberattack, Grounding Flights
Russia's national airline, Aeroflot, has suffered a cyberattack that crippled IT systems, forcing it ... More to ground dozens of flights across the country. Russia's national airline, Aeroflot, has suffered a cyberattack that crippled IT systems, forcing it to ground dozens of flights across the country. Pro-Ukrainian hacker collective Silent Crow has taken credit for the cyberattack, according to TechCrunch, which cites a Telegram post claiming the breach. Silent Crow performed the attack on Aeroflot alongside another Belarusian hacking group Cyberpartisans — which announced its role in a post on X, formerly Twitter, citing Russia's ongoing war in Ukraine. Silent Crow said it had 'completely destroyed' Aeroflot's IT systems. The attackers were reportedly able to take over Aeroflot's critical systems and access terabytes of internal company data. They posted screenshots apparently showing how they had accessed Aeroflot's internal active directory and claimed to be in possession of the personal data of every Russian who has flown with the airline. The hackers also threatened to leak this data. Russian prosecutors have issued a statement confirming over 60 flights have been cancelled and said they are now investigating the cyberattack. Aeroflot said the cancelled flights were mostly within Russia but also including routes to Belarus and Armenia, according to the BBC. The Kremlin has reportedly called this 'worrying.' Cyberattacks on airlines are a growing threat, with hacker collective Scattered Spider targeting the sector over the last few months, leading to an FBI warning on the subject. In this case, attackers relied on social engineering techniques, such as impersonating employees or contractors to deceive IT help desks into granting access, according to the FBI. It's not known how hackers gained access to Aeroflot's IT systems, or even for sure who performed the attack. However, Silent Crow and Cyberpartisans claim to have political aims. With geopolitical tensions rising across the globe, the attack on Russia's national airline is a prime example of how warfare has gone beyond physical. Following the Aeroflot attack, Russian MP, Anton Gorelkin noted in a statement: 'We must not forget that the war against our country is being waged on all fronts, including the digital one.' 'These cyberattacks raise concerns about a country's own national security, critical national infrastructure as well as the safety of sensitive information,' says Spencer Starkey, executive VP of EMEA at SonicWall. The Aeroflot cyberattack shows damage that can be done by an attack on an airline, making it key that the sector has the right safeguards in place to protect IT systems from falling victim to a breach of this kind. It also shows how this type of critical infrastructure can be used in warfare— a chilling sign of how future wars could be waged.
Reuters
4 days ago
- Politics
- Reuters
Pro-Ukrainian hackers claim massive cyberattack on Russia's Aeroflot
MOSCOW, July 28 (Reuters) - Russian national flag carrier Aeroflot ( opens new tab was forced to cancel dozens of flights on Monday, disrupting travel across the world's biggest country, as two pro-Ukraine hacking groups claimed to have inflicted a crippling cyberattack. The Kremlin said the situation was worrying, and lawmakers called it a wake-up call for Russia. Prosecutors confirmed the disruption was caused by a hack and opened a criminal investigation. Senior lawmaker Anton Gorelkin said Russia was under digital attack. "We must not forget that the war against our country is being waged on all fronts, including the digital one. And I do not rule out that the 'hacktivists' who claimed responsibility for the incident are in the service of unfriendly states," Gorelkin said in a statement. Another member of parliament, Anton Nemkin, said investigators must identify not only the attackers but "those who allowed systemic failures in protection". Aeroflot did not say how long the problems would take to resolve, but departure boards at Moscow's Sheremetyevo Airport turned red as flights were cancelled at a time when many Russians take their holidays. The company's shares were down by 3.9% by 1300 GMT, underperforming the wider market, which was 1.4% lower. A statement purporting to be from a hacking group called Silent Crow said it had carried out the operation together with Belarusian Cyberpartisans, a self-styled hacktivist group that opposes president Alexander Lukashenko and says it wants to liberate Belarus from dictatorship. "Glory to Ukraine! Long live Belarus!" said the statement in the name of Silent Crow. Belarusian Cyberpartisans said on its website: "We are helping Ukrainians in their fight with the occupier, carrying out a cyber strike on Aeroflot and paralysing the largest airline in Russia." There was no immediate comment from Ukraine. Silent Crow has previously claimed responsibility for attacks this year on a Russian real estate database, a state telecoms company, a large insurance firm, the Moscow government's IT department and the Russian office of South Korean carmaker KIA. Some of those resulted in big data leaks. "The information that we are reading in the public domain is quite alarming. The hacker threat is a threat that remains for all large companies providing services to the population," Kremlin spokesman Dmitry Peskov said. Aeroflot said it had cancelled more than 40 flights - mostly within Russia but also including routes to the Belarusian capital Minsk and the Armenian capital Yerevan - after reporting a failure in its information systems. An online departure board for Sheremetyevo airport showed dozens of others were delayed. "Specialists are currently working to minimise the impact on the flight schedule and to restore normal service operations," Aeroflot said. The statements from Silent Crow and Belarusian Cyberpartisans said the cyberattack was the result of a year-long operation which had deeply penetrated Aeroflot's network, destroyed 7,000 servers and gained control over the personal computers of employees, including senior managers. They published screenshots of file directories purportedly from inside Aeroflot's network and threatened to soon start releasing "the personal data of all Russians who have ever flown Aeroflot", as well as intercepted conversations and emails of Aeroflot staff. Since Moscow launched its war in Ukraine in February 2022, travellers in Russia have become used to flight disruptions, usually caused by temporary airport closures during drone attacks. Russian companies and government websites have been subjected to sporadic hacking attacks, but Monday's was potentially the most damaging, because of the widespread disruption and the high profile of Aeroflot. Former Aeroflot pilot and aviation expert Andrei Litvinov told Reuters: "This is a serious disaster. Okay, flight delays - you can survive that. But these are losses, huge losses for a state-owned company." He added: "If all the correspondence, all the corporate data is exposed - this can have very long-term consequences ... First the drones, and now they are blowing up this situation from the inside." Passengers vented their anger on social network VK, complaining about a lack of clear information from the airline. Malena Ashi wrote: "I've been sitting at Volgograd airport since 3:30!!!!! The flight has been rescheduled for the third time!!!!!! This time it was rescheduled for approximately 14:50, and it was supposed to depart at 5:00!!!" Another woman, Yulia Pakhota, posted: "The call centre is unavailable, the website is unavailable, the app is unavailable. "How can I return a ticket or exchange it for the next flight, as Aeroflot suggests?" Aeroflot said affected passengers could get a refund or rebook as soon as its systems were back and it was trying to get some passengers seats on other airlines. Despite Western sanctions on Russia that have drastically limited travel and routes, Aeroflot remains among the top 20 airlines worldwide by passenger numbers, which last year hit 55.3 million people, according to its website.
