View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 29, 2023

Ukraine’s IT Army hacktivists disrupt Russian airlines with brutal DDoS cyberattack

Attacks on the system have apparently become common in recent months. Yesterday's strike grounded flights.

By Claudia Glover

Hacktivist group the IT Army of Ukraine has claimed responsibility for a sustained distributed denial of service (DDoS) cyberattack on the Leonardo flight booking system that is used by Russia’s airlines. The attack grounded flights on Thursday.

Aeroflot among airlines disrupted by DDoS attack. (Photo by Fasttailwind/Shutterstock)

Russia’s flagship airline Aeroflot announced on Telegram this morning that “due to a global failure in the Leonardo reservation system, check-in at airports in the company’s route network is difficult”.

The incident lasted for more than an hour, and had significant knock-on effects, disrupting Aeroflot flights, alongside those from Rossiya Airlines and Pobeda. A Russian news agency reported on its Telegram channel that Leonardo is also used by more than 50 Russian aircraft carriers. 

The IT Army of Ukraine has taken responsibility for the DDoS attack on its own Telegram channel.

“While you’re sipping your artisanal latte, our ‘nobel’ [sic] neighbours to the north are stuck in queues, trying to book flights. Apparently, their ‘Leonardo’ system is under attack from ‘abroad’,” the message said.

Tech Monitor has contacted Leonardo for comment on the incident. A company spokesperson told The Record that it had “encountered dozens of these incidents” in recent months, with around five attempts recorded in September.

The spokesperson said: “It’s clear that there’s an actual cyberwar waged against Russia. Its goal is to damage the Russian IT infrastructure and disrupt the work of the most important industries.”

Content from our partners
<strong>Powering AI’s potential: turning promise into reality</strong>
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline

Russian hackers not scared of the Bermuda Triangle

Meanwhile, Russian cybercriminals continue to wreak havoc in far-flung corners of the globe, as the government of Bermuda is reportedly dealing with an ongoing cyberattack perpetrated by criminals who are “most likely Russian”, according to the island’s premier, David Burt.

The Bermuda government’s online systems were attacked a week ago and most remain down, with ministers refusing to answer questions about the scale of the attack and the state of the island’s cybersecurity defences, local news reports say.

Russian hackers have been known to target nation-states before. Last year, ransomware gang Conti hit Costa Rica, crippling public services and demanding a ransom of $20m to decrypt the impacted systems.

Read more: Vanuatu shows small nations how to resist big cyberattacks

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.