The recent hacking incident at Aeroflot has placed the focus back on the disruptions that can be caused by these incidents of digital sabotage. This specific attack led to a mass outage on the airline’s computer system. The effect of this led to a cancellation of a vast quantity of flights as well as delays in numerous others. A further consequence of this incident was disruptions in flights from subsidiaries Pobeda and Rossiya. Almost all of the flights that were affected were for domestic travel, although some international flights were also cancelled.
A disruption planned by digital sabotage
One of the groups claiming responsibility for the digital sabotage at Aeroflot, Russia’s flagship airline, has a track record of disruptive hacks. The Belarusian Cyber Partisans โ a long-established group sworn to overthrow Belarusian President Alexander Lukashenko โ joined with a more obscure group known as Silent Crow to claim responsibility for the crippling intrusion at Aeroflot that canceled dozens of flights on Monday and led to travel disruptions across Russia.
First emerging in 2020 in the wake of mass demonstrations against Lukashenko’s reelection, the Cyber Partisans have claimed responsibility for a series of eye-catching hacks, including the defacement of Belarusian state media sites, repeated thefts of law enforcement data, and aย 2022 attack against Belarusian Railwayย that they said had interfered with freight travel. Last year, the group claimed repeated attacks on fertilizer complex Grodno Azot, where they said they had tampered with the operations of the plant’s boiler.
Mapping out the Russian targets
Headquartered in Grodno, Belarus, Grodno Azot was founded in 1965. With CEO Igor Lyashenko at the helm, the company produces:
- Ammonia
- Methanol
- Fertilizers
- Cleaning, washing and protective agents
Reuters has not been able to independently authenticate all the group’s claims or measure its disruptive impact, but the data stolen by the hackers has in the past been cross-checked and validated by groups such as Bellingcat, the open-source investigators. Netherlands-based Bellingcat is an investigative journalism group. Their specialty is fact-checking and OSINT (open-source intelligence). The group was founded by British citizen journalist Eliot Ward Higgins.
Yuliana Shemetovets, a spokesperson for the Cyber Partisans, told Reuters on Monday that she operates from the United States and said the group consisted of around 30 core members, mostly operating from outside of Belarus. Silent Crow has a lower profile. It has claimed responsibility for attacks this year on a Russian real estate database, a state telecoms company, a large insurance firm, the Moscow government’s IT department, and the Russian office of South Korean carmaker KIA.
The role-players behind the airport attack
Russian cybersecurity firm Bi.Zone has been tracking Silent Crow as a politically motivated group, active since mid-2022, with potential links to multiple pro-Ukrainian hacker groups, according to an entry in BI. Zone’s public database. Ukraine and Russia have been at war since Russia invaded in February 2022. Reuters was unable to immediately contact Silent Crow and BI. Zone did not immediately return a request seeking comment.
Members of the Belarusian Cyber Partisans may also have pro-Ukraine ties. In June, researchers with Russian anti-virus firm Kaspersky said they had identified a suspected member of the group active in a Telegram group devoted to the “IT Army of Ukraine,” a group of pro-Ukrainian hackers backed by the government in Kyiv. Shemetovets told Reuters that there was no collaboration between the Cyber Partisans and any state security or intelligence services as part of the attack on Aeroflot.
All things aside, cyber-attacks such as these have serious consequences. As can be seen, not only on the company in question, but it also ripples out further than that onto other individuals. A reputation damage in this instance would be a correct guess. Financial loss is also another hard knock that the company had to take. Some of the damage is repairable, either in the long or short term. But trust lost in a business will rarely be regained.