Split Airport hacked by Akira ransomware gang

NEWS FLASH


Numerous flights have been cancelled at Split St Jerome Airport since Monday evening after it fell victim to the Akira ransomware gang, forcing the complete shutdown of its IT infrastructure. On Monday, all flights after 19.30 CEST were either cancelled or diverted. Earlier in the day flights were operating, but travellers still faced difficulties. Airport operations were hindered due to the lack of IT support, and check-in was conducted manually. As a result, departures were also delayed. On Tuesday 70% of flights were able to operate in and out of Split but passengers still faced numerous delays. Although some flights have been cancelled today, most are heavily delayed but operating. Hackers behind the attack had called for negotiations, but authorities have refused to comply. The incident occurred just days after a global IT outage caused by an update to CrowdStrike software upended operating systems across the world, causing chaos at airports, banks and financial institutions.

The Akira ransomware gang has attacked more than 250 organisations over the last year and continues to impact a “wide range of businesses and critical infrastructure entities in North America, Europe, and Australia”, the FBI and European law enforcement agencies have warned. In April, officials from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) published an advisory about the group, which has earned about 42 million US dollars in ransoms since emerging in March 2023. After initially targeting Windows systems, Akira has deployed a Linux variant targeting VMware ESXi virtual machines that are used widely across many large businesses and organisations.

The ransomware gang has claimed a steady stream of incidents in 2024, including an attack on prominent cloud hosting services provider Tietoevry. The group has taken credit for other attacks on Stanford University, the largest switching and terminal railroad in the US, the government of Nassau Bay in Texas, Bluefield University, a state-owned bank in South Africa, major foreign exchange broker London Capital Group, and Yamaha’s Canadian music division.

Comments

  1. Anonymous14:22

    wow crazy

    ReplyDelete
  2. Just yesterday company that I work for had it's servers attacked. The funny part is that it's a small furniture manufacturer with around a hundred employees.

    ReplyDelete
    Replies
    1. Anonymous15:28

      they don't care. sometimes its individual, sometimes conglomerate.

      Delete
  3. Anonymous22:03

    And the cure is so easy…daily or even hourly backup

    ReplyDelete
    Replies
    1. Anonymous08:29

      Unless you use a Windows based backup, they'll lock that up too.

      Delete

Post a Comment

EX-YU Aviation News does not tolerate insults, excessive swearing, racist, homophobic or any other chauvinist remarks or provocative posts with the intention of creating further arguments. A full list of comment guidelines can be found here. Thank you for your cooperation.