MOSCOW :Russian airline Aeroflot was forced to cancel dozens of flights on Monday after a shadowy pro-Ukrainian hacking group claimed responsibility for what it said was a crippling cyberattack.
The national carrier did not provide further details about the cause of the problem or how long it would take to resolve, but departure boards at Moscow’s Sheremetyevo airport turned red as flights were cancelled at a time when many Russians take their holidays.
The Kremlin said the situation was worrying, and prosecutors confirmed the airline’s problems were the result of a hack and opened a criminal investigation.
A statement purporting to be from a hacking group called Silent Crow said it had carried out the operation together with a Belarusian group called Cyberpartisans BY, and linked it to the war in Ukraine.
“Glory to Ukraine! Long live Belarus!” said the statement, whose authenticity Reuters could not immediately verify.
Silent Crow has previously claimed responsibility for attacks this year on a Russian real estate database, a state telecoms company, a large insurance firm, the Moscow government’s IT department and the Russian office of South Korean car marker KIA. Some of these resulted in big data leaks.
“The information that we are reading in the public domain is quite alarming. The hacker threat is a threat that remains for all large companies providing services to the population,” Kremlin spokesman Dmitry Peskov said.
“We will, of course, clarify the information and wait for appropriate clarifications.”
Aeroflot, the transport ministry and the aviation regulator did not immediately respond to requests for comment on the hacking claim.
The airline said it had cancelled more than 50 flights – mostly within Russia but also including routes to the Belarusian capital Minsk and the Armenian capital Yerevan – after reporting a failure in its information systems. At least 10 other flights were delayed.
“Specialists are currently working to minimise the impact on the flight schedule and to restore normal service operations,” it said.
The statement in the name of Silent Crow said the cyberattack was the result of a year-long operation which had deeply penetrated Aeroflot’s network, destroyed 7,000 servers and gained control over the personal computers of employers including senior managers. It did not provide evidence.
It threatened to shortly start releasing “the personal data of all Russians who have ever flown Aeroflot”.
ANGRY PASSENGERS
Since Russia launched its war in Ukraine in February 2022, travellers in Russia have become accustomed to flight disruptions. However, those delays have usually been caused by temporary airport closures during drone attacks.
Irate passengers vented their anger on social network VK, complaining of a lack of clear information from the airline.
Malena Ashi wrote: “I’ve been sitting at the Volgograd airport since 3:30!!!!! The flight has been rescheduled for the third time!!!!!! This time it was rescheduled for approximately 14:50, and it was supposed to depart at 5:00!!!”
Another women, Yulia Pakhota, posted: “The call centre is unavailable, the website is unavailable, the app is unavailable.
How can I return a ticket or exchange it for the next flight, as Aeroflot suggests?”
Aeroflot said affected passengers could get a refund or rebook within 10 days.
Despite western sanctions on Russia that have drastically limited travel and routes, Aeroflot remains among the top 20 airlines worldwide by passenger numbers, which last year hit 55.3 million people, according to its website.
(Additional reporting by Dmitry Antonov, Lidia Kelly, Marina Bobrova, Gleb Stolyarov, Andrew Osborn writing by Mark TrevelyanEditing by Ros Russell)
