Hacktivist group the IT Army of Ukraine has claimed responsibility for a sustained distributed denial of service (DDoS) cyberattack on the Leonardo flight booking system that is used by Russia’s airlines. The attack grounded flights on Thursday.
Russia’s flagship airline Aeroflot announced on Telegram this morning that “due to a global failure in the Leonardo reservation system, check-in at airports in the company’s route network is difficult”.
The incident lasted for more than an hour, and had significant knock-on effects, disrupting Aeroflot flights, alongside those from Rossiya Airlines and Pobeda. A Russian news agency reported on its Telegram channel that Leonardo is also used by more than 50 Russian aircraft carriers.
The IT Army of Ukraine has taken responsibility for the DDoS attack on its own Telegram channel.
“While you’re sipping your artisanal latte, our ‘nobel’ [sic] neighbours to the north are stuck in queues, trying to book flights. Apparently, their ‘Leonardo’ system is under attack from ‘abroad’,” the message said.
Tech Monitor has contacted Leonardo for comment on the incident. A company spokesperson told The Record that it had “encountered dozens of these incidents” in recent months, with around five attempts recorded in September.
The spokesperson said: “It’s clear that there’s an actual cyberwar waged against Russia. Its goal is to damage the Russian IT infrastructure and disrupt the work of the most important industries.”
Russian hackers not scared of the Bermuda Triangle
Meanwhile, Russian cybercriminals continue to wreak havoc in far-flung corners of the globe, as the government of Bermuda is reportedly dealing with an ongoing cyberattack perpetrated by criminals who are “most likely Russian”, according to the island’s premier, David Burt.
The Bermuda government’s online systems were attacked a week ago and most remain down, with ministers refusing to answer questions about the scale of the attack and the state of the island’s cybersecurity defences, local news reports say.
Russian hackers have been known to target nation-states before. Last year, ransomware gang Conti hit Costa Rica, crippling public services and demanding a ransom of $20m to decrypt the impacted systems.