Indian low-cost airline SpiceJet Ltd. has been forced to cancel flights following a ransomware attack.
SpiceJet officially describes it as an “attempted ransomware attack,” but you don’t delay and cancel flights as it did today just because of an “attempted” attack. In a statement, the airline said that “certain of our systems faced an attempted ransomware attack last night that impacted our flight operations.”
The airline claims that its information technology team has contained the “attempted” attack and has “rectified the situation.” If it were attempted, there would be nothing to rectify, so the ransomware clearly got into some of its systems.
What form the ransomware attack was involved is not known. SpiceJet is primarily a domestic low-cost airline, but before the COVID pandemic, it flew to some international destinations, such as Thailand.
All of SpiceJet’s websites are currently offline at the time of writing. Suffice to say, that’s not a good sign.
“Although SpiceJet was able to contain the recent ransomware attack, the airline is still suffering from flight delays, unavailable booking systems and no way for customers to contact customer service,” Stephan Chenette, co-founder and chief technology officer of cybersecurity readiness company AttackIQ Inc., told SiliconANGLE. “As evidenced by this and many other recent ransomware attacks, it’s no longer an issue of just whether or not to pay the ransom – it is likely that the organization will suffer reputational damage, legal consequences, and loss of data and business.”
Craig McDonald, vice president of product management at network automation firm BackBox Software Ltd., noted that although SpiceJet’s IT team was able to thwart the ransomware attack before it was able to take over and fully breach internal systems, even an attempted cyberattack can result in unwanted ramifications.
“In this case, customers have taken to social media to share ongoing problems that include flight delays, inaccessible booking systems and customer service,” McDonald explained. “SpiceJet is the second-largest airline in India, serving over 60 destinations, and the delays ranging from two to five hours can generate significant financial loss when routine operations are affected within an airline this large.”
Josh Rickard, security automation architect at low-code security automation company Swimlane Inc., offered advice for other organizations to avoid such situations.
“To ensure that organizations are prepared to defend against similar cyber incidents and requisite day-to-day operations are able to occur without disruption, it is essential that security and IT teams have full visibility into their environments,” Rickard said. “Leveraging security automation allows these teams to respond to threats in real-time to limit the consequences of these attacks, as well as minimize the chance of human error within IT processes by centralizing and automating detection, response and investigation protocols into a single platform.”