Hackers hacked into Russian Aeroflot data: much of the IT infrastructure was destroyed and dozens of flights were canceled

As a result of a large-scale cyberattack by two hacker groups — Silent Crow and the Belarusian “Cyberpartisans” — the IT infrastructure of the Russian airline Aeroflot was destroyed, dozens of flights were canceled, and 20 TB of data was stolen, including personal information of passengers. The hackers said that they had been monitoring the company’s critical systems for a year, and are now preparing to publish the stolen information. In response, the Russian authorities are silent.

It is noted that on July 28, Aeroflot announced the cancellation of at least 42 flights from Moscow, explaining this by a “failure in information systems.” However, later the hacker groups Silent Crow and “Cyber partisans BY” claimed responsibility for the largest hack in the history of Russian aviation.

According to the hackers, about 7,000 physical and virtual servers were destroyed. Critical systems were disabled:

• reservation and ticket sales systems (Sabre, Sirax),
• CRM, ERP, 1C accounting platforms,
• internal document flow (SharePoint, Exchange),
• video surveillance, monitoring and telephony systems,
• computers of the company’s management and employees.

The hackers claim to have controlled all of the company’s digital processes for a year and obtained:

• access to passengers’ personal data (name, passport, routes, payment details),
• audio recordings of office conversations,
• security camera video,
• internal correspondence and official documentation.

Cyber activists announced their intention to publicly release some of the data, calling the attack a “strategic defeat” for Russia.

“The personal data of all Russians who have ever flown with Aeroflot have now also set off on a journey — without luggage and one-way,” the hackers ironically write.

Aeroflot has not yet commented on the hacking itself or the scale of the losses. Russian intelligence services are also silent. Instead, hackers say that this attack was a warning to the FSB, the National Security and Defense Council, and other structures that failed to protect key infrastructure.

Experts estimate that restoring the digital infrastructure will cost the company tens of millions of dollars. Some systems, the hackers claim, are not recoverable at all.

By the way, Ukrainian cyber activists, in cooperation with military intelligence, successfully paralyzed the activities of one of the largest Russian drone manufacturers , the company Gaskar Integration. As a result of the attack, more than 47 TB of critical data was destroyed, internal systems were blocked, and the plant’s work was effectively stopped.

We will remind you that cyber specialists of the Main Intelligence Directorate of the Ministry of Defense of Ukraine disabled the website of the Russian railway, carrying out a powerful attack.

Previously, GUR cyber specialists attacked the Russian Regiontransservice and disabled all services.

Also follow “Pryamim” on Facebook , Twitter , Telegram , and Instagram.