Indian airline SpiceJet delayed a number of flights on Wednesday soon after reporting staying strike by a ransomware attack the former working day.
The news was claimed by the BBC, which spotted the company’s tweet earlier this 7 days.
“Certain SpiceJet systems faced an tried ransomware attack previous evening that impacted and slowed down early morning flight departures nowadays,” the organization wrote on Twitter on Wednesday. “Our IT staff has contained and rectified the problem and flights are running ordinarily now.”
A range of buyers took to social media channels to complain about the delayed flights, but according to Josh Rickard, Security Automation Architect at Swimlane, the repercussions of the ransomware attack could have been a great deal worse.
“Had devices been thoroughly breached, they could be going through a lot more intense ramifications consisting of uncovered facts, procedure-broad outages and track record damage,” Rickard stated.
The security professional also stated a former incident SpiceJet was included in back again in 2020, which resulted in the individual information and facts of more than a person million clients becoming exposed.
“This, in addition to this most up-to-date incident, is a extremely concerning sample,” Rickard extra. “To make sure that businesses are ready to defend against equivalent cyber incidents, and requisite working day-to-day operations are ready to arise without having disruption, it is necessary that security and IT teams have full visibility into their environments.”
Even further, the executive thinks these teams need to leverage minimal-code security automation to react to threats in genuine time to limit the outcomes of these attacks, automating detection, reaction and investigation protocols as much as possible.
The ideas have been echoed by Mike Newman, CEO of My1Login, who called upon SpiceJet to expose further information about the attack.
“It will be exciting to hear how attackers have been able to get into the airline’s network in the very first place,” Newman stated.
“With data revealing that phishing and credential theft are two of the most popular attack vectors utilized to deploy ransomware, the incident could further reinforce the relevance of businesses shifting away from password-dependent security mechanisms, and strengthening their cyber defenses through passwordless, where by there are no passwords to be stolen or phished.”
Some parts of this article are sourced from:
www.infosecurity-journal.com