Ransomware Attack On SpiceJet: How Safe Is Aviation Sector From Cyber Attack

NEW DELHI: SpiceJet, India’s one of the leading airlines on Tuesday reported an “attempted ransomware attack” on its systems, delaying flights and leaving many passengers stuck at airports.

On Wednesday, several planes were delayed, and passengers complained about a lack of service.

Many people tweeted photos and videos of themselves waiting for hours after boarding, with no response from the airline.

SpiceJet afterwards issued a statement stating that the situation had been resolved.

The company said on its social media platform – Our IT staff has contained and corrected the incident, and flights are now operating regularly.

#ImportantUpdate: Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today. Our IT team has contained and rectified the situation and flights are operating normally now.

— SpiceJet (@flyspicejet) May 25, 2022

However, the airlines didn’t disclose the magnitude of the attack.

WHATS IS RANSOMWARE

Ransomware is a sort of malware that encrypts its victims’ vital data and files. In exchange for regaining access to the data, the attacker then demands a ransom from the victim. Users are instructed on how to obtain the decryption key by paying a fee. Hackers can face fines ranging from a few hundred dollars to thousands of dollars, which are occasionally paid in Bitcoin.

Following the airline’s message, numerous passengers rushed to social media to complain they were still detained at multiple airports, that they had been waiting for hours without food or water, and that ground employee had provided minimal contact.

The incident has brought cyber security in the aviation sector back in limelight. In the past, there have been several incidents where hackers targeted either big airlines, travel portals or the airport.

AVIATION CYBER SECURITY

In recent years, we have seen significant attacks on huge organisations, key infrastructures of various types, governments, and SMEs with varying levels of sophistication and severity in their impact.

Civil aviation is heavily reliant on cyber-enabled technology, which is utilised to improve air transport safety and efficiency. However, system interconnection and reliance on technology produced ideal conditions for new hazards to emerge. The aviation industry employs a vast computer-based interconnected system that includes air navigation systems, on-board aircraft control and communication systems, airport ground systems, flight information systems, security screening, and numerous other systems that are used on a daily basis and for all aviation-related operations. The aviation industry is trending toward greater digitalization. As the relationships between people and systems get more complex, the risk becomes more difficult to forecast.

ALSO READ: Cyber Attack On India’s Biggest Port: Ransomware Cripples Services At Jawaharlal Nehru Port Trust

PASSENGERS PLIGHT

Airlines travellers took to Twitter to inquire about the status of their flights, with several reporting that “ground staff had vanished from the gate.”

Some said that operations had not yet commenced and that airline personnel were unaware.

A traveller at an airport in the eastern state of West Bengal posted a photo of his wife’s shattered foot, claiming that their aircraft had been delayed for several hours.

ALSO READ: India Ranks 2nd In Cloud Hacking, Govt Most Targeted Industry By Ransomware

Multiple SpiceJet flights were grounded last week after the airline allegedly failed to make payments to the Airports Authority of India (AAI). According to the Times of India, the airline stated that its auto payment facility had a problem, preventing the payment from being made.

TIPS TO STAY SAFE FROM RANSOMWARE

To avoid ransomware, individuals and businesses must maintain awareness of safety and establish best practices.

1. Patch systems regularly: One of the leading causes of cybersecurity breaches is a lack of software updates. Systems must be inventoried, tested for vulnerabilities, and patched regularly.
2. Always have a backup: Risk management and contingency planning are incomplete without backups. Ensure that backups are tested regularly and are separated from the main of the system. Since the bulk of ransomware operations steal information data, copies may not always be enough to protect businesses against extortion efforts.
3. Continuously improve your information security: The majority of attacks start with a phishing scam, and studies show that frequent training in social control strategies can cut the risk of data breaches in half.
4. Always have an incident management strategy on hand: Always be prepared for the worst-case scenario. Endpoint detection and response (EDR) solutions combined with a very well incident management plan can help firms better manage cybercrime, reduce the impact of a security alert, and assist in speedier restoration.
5. Use multifactor authentication (MFA) and improved password management: * Ensure that staff don’t repeat credentials and utilise web encryption software to upgrade their passwords regularly. Businesses should use MFA as an extra step in the verification and authentication of users.

Ransomware protection and surveillance is probably the best option, but it necessitates investing in access control, third-party digital knowledge, cyber insurance carriers with experience in the field, and antiphishing training.
If the computer is infected with ransomware, don’t give in to extortionists’ demands because payment of the ransom will merely foster the spread of ransomware. Instead, contact your local cyber crime team and cooperate with them throughout the inquiry.

Follow The420.in on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube