Russian flag-carrier Aeroflot has cancelled 54 round-trip flights after suffering a serious IT problem, apparently the result of a cyberattack on its infrastructure.
Aeroflot says the 260 flights were scheduled for 28 July, adding that 206 are expected to operate. It is describing the occurrence as a “failure” in its IT system.
The Russian transport ministry says measures are being taken to “normalise the situation” with the airline’s services.
These measures include prioritising international flights as well as those to eastern Russia, plus Kaliningrad, Sochi, and Mineralnye Vody.
The ministry says that, if further cancellations are unavoidable, the number of flights operated by competing carriers on multi-frequency routes “will be reduced”.
It adds that customer support has been organised in all the terminals at Moscow Sheremetyevo airport, the airline’s main base.
The office of Russia’s prosecutor general states that the failure in Aeroflot’s system is “the result of a hacker attack”.
Its interregional Moscow division for air transport says it is organising supervisory activity to bring the situation at Sheremetyevo – particularly regarding passenger rights – under control.
Russia’s deputy chair of the parliamentary committee on IT, Anton Gorelkin, says there is a need to bring to justice not only the perpetrators of the attack but “also those officials through whose fault it became possible”.
“Aeroflot must draw the most serious conclusions from this situation,” he adds. “What happened is a lesson not only for those in the air transport market, but for all Russian organisations.”
Responsibility for the cyberattack is being claimed by two pro-Ukrainian groups, known as ‘Silent Crow’ and ‘Kiberpartizany BY’.
While this has yet to be verified, ‘Silent Crow’ issued a detailed statement on social media saying the disruption was the “successful completion” of a “long-term and large-scale operation”, lasting a year, to compromise Aeroflot’s internal IT.
Gorelkin says that Russia is experiencing attacks “on all fronts, including the digital one”.
“Cybersecurity should be given priority attention,” he adds. “It is important not only to meet the formal requirements for security of your information infrastructure, but also to test it regularly. Before your enemies test it for you.”
