On July 29, Russian airline Aeroflot announced that it had stabilized flight operations after a major cyberattack disrupted its IT infrastructure the day before. While Aeroflot described the disruption as a “technical failure,” prosecutors are investigating it as a cyberattack.
Two pro-Ukraine hacking groups, Belarusian Cyber Partisans and the newly emerged Silent Crow, claimed responsibility. They allege a year-long infiltration of Aeroflot’s network, compromising 7,000 servers, extracting employee and passenger data, and accessing senior staff computers. The attackers also cited poor cyber hygiene, claiming that outdated Windows systems and reused or insecure passwords contributed to the breach.
Flight disruptions continued into Tuesday, with around 25 outbound and 31 inbound flights cancelled at Moscow’s Sheremetyevo airport. Despite this, Aeroflot stated that operations were stabilizing, and Russia’s Transport Ministry credited Aeroflot staff and airport teams for swiftly resolving the issue. Reports suggest the airline may be operating on manual systems to maintain service continuity.
Cybersecurity experts in Russia described the incident as a major warning, exposing vulnerabilities exacerbated by isolation and outdated infrastructure. Lawmakers are calling for accountability not only from attackers but also from those responsible for internal security failures.
Aeroflot’s stock recovered slightly after a sharp drop on Monday.
Connect with us : Finstein Cyber — Cybersecurity & VAPT Services
#CyberAttack #CyberSecurity #AviationSecurity #Aeroflot #InfoSec #CriticalInfrastructure #Ransomware #CyberThreats #HackingIncident #DigitalSecurity #CyberHygiene #DataBreach #ITInfrastructure #NationalSecurity #SilentCrow #BelarusianCyberPartisans #APT #ProUkraineHackers #CyberVigilance #TechNews #CyberUpdate #RussianAirlineHack #ThreatIntel #ManualOperations #CyberWarfare #GlobalCyberSecurity
