Aeroflot Cyberattack Claimed by Pro-Ukraine Hackers
Russian national airline Aeroflot experienced major flight disruptions after a severe cyberattack forced the cancellation of over 50 round-trip flights across the country. The digital assault, claimed by two pro-Ukraine hacking groups, triggered delays at a time when many Russians were travelling for summer holidays.
Cyberattack Causes Travel Chaos Across Russia
On Monday, Aeroflot cancelled 54 round-trip flights. Departure boards at Moscow’s Sheremetyevo Airport showed dozens more delayed. Passengers were left stranded with limited information, with many expressing frustration on Russian social media platform VK.
“I’ve been sitting at Volgograd airport since 3:30!!!!! The flight has been rescheduled for the third time!!!!!!” wrote one passenger, Malena Ashi.
Others reported Aeroflot’s call centre, website and app were all down, making it nearly impossible to rebook or request refunds.
Russian Authorities Confirm Cyberattack on Aeroflot
Russian prosecutors confirmed that the disruption was caused by a cyberattack. They have opened a criminal investigation into the incident.
Kremlin spokesperson Dmitry Peskov said:
“The information that we are reading in the public domain is quite alarming. The hacker threat is a threat that remains for all large companies providing services to the population.”
Senior Russian lawmakers echoed concerns, describing the attack as a serious threat to national security.
Anton Gorelkin, a prominent member of parliament, stated:
“We must not forget that the war against our country is being waged on all fronts, including the digital one. And I do not rule out that the ‘hacktivists’ who claimed responsibility for the incident are in the service of unfriendly states.”
Silent Crow and Belarusian Cyberpartisans Claim Responsibility
Two groups—Silent Crow and Belarusian Cyberpartisans, claimed responsibility for the Aeroflot cyberattack. Silent Crow has previously targeted Russian organisations including a real estate database, state telecoms company, and Moscow’s IT department.
In a statement, Silent Crow said:
“Glory to Ukraine! Long live Belarus!”
The Belarusian Cyberpartisans added:
“We are helping Ukrainians in their fight with the occupier, carrying out a cyber strike on Aeroflot and paralysing the largest airline in Russia.”
Hackers Claim Deep Infiltration of Aeroflot Systems
According to the groups, the attack was the result of a year-long operation. They claimed to have destroyed 7,000 servers and gained access to personal computers of Aeroflot employees, including senior managers.
Screenshots of internal file directories were shared, with the hackers threatening to release personal data of all Aeroflot passengers and intercepted communications from staff.
Potential Long-Term Impact on National Airline
Aeroflot’s share price dropped by 3.9%, underperforming the broader market. Experts say the long-term effects could be severe.
Former Aeroflot pilot Andrei Litvinov told Reuters:
“This is a serious disaster. Okay, flight delays – you can survive that. But these are losses, huge losses for a state-owned company.”
“If all the correspondence, all the corporate data is exposed – this can have very long-term consequences … First the drones, and now they are blowing up this situation from the inside.”
Aeroflot Responds to Crisis
Aeroflot stated that 206 of 260 scheduled flights would still operate. Specialists are currently working to restore systems and minimise delays. Affected passengers will be able to request refunds or rebook their flights once systems are restored.
Despite restrictions from Western sanctions and reduced flight routes, Aeroflot remains one of the world’s busiest airlines. According to its website, the airline carried 55.3 million passengers in 2023.
A Wake-Up Call for Russian Cybersecurity
Lawmakers are now calling for deeper investigations, not just into the hackers but also into the systems that allowed the breach to happen. As Anton Nemkin, another member of parliament, stated:
“Investigators must identify not only the attackers but those who allowed systemic failures in protection.”
This cyberattack on Aeroflot stands as one of the most significant digital breaches in Russia since the Ukraine conflict began. It highlights vulnerabilities in critical infrastructure and signals that digital warfare is escalating across national borders.
