Budget carrier SpiceJet faced a ransomware attack late on Tuesday night that delayed several morning flights on Wednesday, the cascading effect leaving several hundred passengers stranded for hours across the country’s airports.
A few flights were cancelled too. Sources said the airline had now shifted to a new server and delinked the old one so that flight operations could become normal.
A ransomware is a type of malware in which the attacker locks and encrypts the victim’s data and key files and demands a payment to unlock and decrypt the data. This kind of attack takes advantage of human, system, network and software vulnerabilities to infect the victim’s device, which can be a computer, printer, smartphone, wearable, point-of-sale (POS) terminal or some other endpoint.
SpiceJet did not reveal whether it had paid the attacker. Industry sources said the attack was similar to the one on Indigo in December 2020.
Then, too, the airline had acknowledged the attack and said some segments of data servers had been breached. However, little is known yet about the outcome of the probe, or whether any payment was made.
As passengers stuck at the airports on Wednesday expressed frustration, ground staff informed them that “the server is down”.
A passenger, Saurav Goyal, tweeted: “Extremely poor customer service by flyspicejet. My flight to Srinagar SG 473 scheduled at 6.25 AM from Delhi today is still at the airport. The Staff has no clue and the poor excuse is ‘server down’ so cannot take printouts. Passengers are suffering.”
After passengers blasted SpiceJet on social media, the carrier put out a statement.
“Certain SpiceJet systems faced an attempted ransomware attack last night that impacted and slowed down morning flight departures today. Our IT team has contained and rectified the situation and flights are operating normally now,” SpiceJet tweeted.
However, this did not pacify all the passengers. Mudit Shejwar, who had earlier flagged the delay of his flight to Dharamshala, tweeted in response to SpiceJet’s clarification that he and others had been sitting inside the plane without any food for nearly four hours.
“Operating normally?? We are stuck here since 3 hrs and 45 mins? Neither cancelling nor operating, sitting in the flight not even the airport. No breakfast, no response!” he wrote.
In 2021, over 78 per cent of Indian organisations surveyed were hit with ransomware attacks, up from 68 per cent in 2020, says a report by Sophos, a cybersecurity firm, released earlier this month.
The average ransom paid by Indian organisations to get their data encrypted was $1.2 million, it adds.
“Nearly 89 per cent of mid-sized organisations had cyber insurance that covers them in the event of a ransomware attack and in 100 per cent of incidents, the insurer paid some or all the costs incurred,” the report says.
