An Indian airline says that an “attempted ransomware attack” against its IT infrastructure caused flights to be delayed or canceled, and left passengers stranded.
Flights with popular Indian budget airline SpiceJet were disrupted by the cyber attack on Tuesday night, but the firm initially downplayed the impact of the attack – claiming that it had merely “slowed down morning flight departures”.
In a tweet, SpiceJet claimed that it had now “rectified the situation” and that all flights were “operating normally”
However, some passengers shared photos and videos on social media demonstrating that they had waited hours to be boarded, without any information being provided by SpiceJet, long after the company claimed to have resolved the issue.
Others, frustrated by the disruption to their journeys, said that they had attempted to contact the airline’s customer care department via telephone, WhatsApp, and its automated customer service agent “Ms Pepper,” without success.
In its most recent update, SpiceJet says that although it believes its IT team has “to a large extent contained and rectified the situation,” there has been a knock-on effect to flights which has resulted in delays.
One high-profile person affected was Indian politician Dr. Satish Poonia, who expressed his disappointment both at his delayed travel, but also the lack of an explanation. Dr. Poonia described the company’s handling of the delay as “very shameful, gross negligence.”
At the time of writing, it is unclear which ransomware operation may have attacked SpiceJet, and no details have been shared as to the extent of damage it may have caused.
However, all businesses would be wise to adopt the tried-and-trusted best practices which can help strengthen networks against ransomware attacks.
These include, but are not limited to, patching software, using unique and strong passwords, enabling multi-factor authentication, disabling unused remote access ports and monitoring logs, auditing user accounts with admin privileges, and ensuring that critical data is safely backed up.
In addition, employees should be educated about the threats and trained to learn how ransomware attacks can be disguised.