Indian airline SpiceJet delayed a quantity of flights on Wednesday right after reporting staying hit by a ransomware attack the former day.
The news was claimed by the BBC, which noticed the company’s tweet previously this week.
“Certain SpiceJet methods faced an attempted ransomware attack past night that impacted and slowed down morning flight departures today,” the enterprise wrote on Twitter on Wednesday. “Our IT crew has contained and rectified the predicament and flights are running usually now.”
A amount of customers took to social media channels to complain about the delayed flights, but in accordance to Josh Rickard, Security Automation Architect at Swimlane, the consequences of the ransomware attack may perhaps have been significantly worse.
“Had methods been completely breached, they could be experiencing extra severe ramifications consisting of uncovered details, process-vast outages and status hurt,” Rickard claimed.
The security skilled also talked about a preceding incident SpiceJet was concerned in back again in 2020, which resulted in the personalized information and facts of about one million consumers currently being exposed.
“This, in addition to this hottest incident, is a hugely concerning pattern,” Rickard added. “To make certain that organizations are geared up to protect in opposition to related cyber incidents, and requisite day-to-day operations are capable to occur without the need of disruption, it is necessary that security and IT groups have full visibility into their environments.”
More, the govt thinks these teams really should leverage small-code security automation to answer to threats in serious time to restrict the implications of these attacks, automating detection, response and investigation protocols as much as attainable.
The ideas were being echoed by Mike Newman, CEO of My1Login, who referred to as on SpiceJet to expose additional information about the attack.
“It will be interesting to hear how attackers were in a position to get into the airline’s network in the 1st place,” Newman said.
“With knowledge revealing that phishing and credential theft are two of the most popular attack vectors utilized to deploy ransomware, the incident could more boost the relevance of organizations transferring away from password-centered security mechanisms, and improving their cyber defenses by passwordless, where there are no passwords to be stolen or phished.”
Some parts of this posting are sourced from: