- Russian airline Aeroflot confirms suffering an IT incident
- More than 40 flights were allegedly grounded following attack
- Silent Crow and Cyberpartisans both claimed responsibility
Aeroflot, Russia’s largest airline, has suffered a cyberattack which disrupted its operations and grounded dozens of flights.
The news was confirmed by the airline, as well as by the Kremlin itself – and also by two cybercriminal groups who claimed responsibility for the attack – Silent Crow, and Cyberpartisans.
The former is a Ukrainian group, while the latter – Belarusian.
“War on all fronts”
In a Telegram group, Silent Crow apparently said its “prolonged and large-scale operation” – “completely destroyed” the airline’s IT system. As a result, more than 40 flights were canceled, the BBC reported, mostly domestic flights inside Russia, but also a few routes to Belarus and Armenia.
Cyberpartisans also confirmed taking part in the hack, noting, “We are helping Ukrainians in their fight with the occupier, carrying out a cyber strike on Aeroflot and paralysing the largest airline in Russia.”
Reliable information from Russia is hard to come by, but some media are reporting that the airline confirmed having issues with its information system.
“We must not forget that the war against our country is being waged on all fronts, including the digital one,” the BBC cited Anton Gorelkin, a Russian MP.
Since the war between Russia and Ukraine started in 2022, cybercriminals, hacktivists, and state-sponsored hacking groups have been active more than usual, trading blows across the internet, disrupting critical infrastructure organizations, spying on military, defense, government, and IT organizations, and stealing sensitive data.
Conti, which was a major ransomware operator at the time, publicly sided with Russia, stating they would retaliate against any attacks on Russia in cyberspace. This angered its affiliates, many of which were Ukrainian. Soon after, an unidentified hacker leaked Conti’s chat logs which, although indirectly, resulted in the group’s disbanding.
In June 2024, one person was arrested in Ukraine, under suspicion that they developed encryptors for Conti.