Hacking against an airline’s systems forced flight cancellation this holiday

At least six flights were cancelled by Alaskan airline RavnAir last weekend due to what the company described as “a cybersecurity incident generated by a malicious actor.” The incident occurred during one of the company’s most important activity periods, so hundreds of users have been affected.

In a statement, the company reported that all scheduled regional flights of its Dash 8 aircraft were cancelled for a few hours because the cyberattack forced the shutdown of some maintenance and backup systems. About 260 users would have been affected.

RavnAir serves more than a hundred communities in Alaska, which are virtually impossible to access in car. Although the number of affected is small this is not a minor incident, as this is the only means of transport for thousands of people.

In its statement, the company mentioned that US federal authorities have already been notified, plus executives have hired the services of a cybersecurity firm to begin the incident recovery process. During Saturday afternoon, Dash-8 flights, a popular model of a commercial turboprop aircraft, would be carried out without major setbacks. 

In addition to implementing some security measures, the company mentions that new flights will be scheduled over the next few days, so users of the regional airline can go to the company for more reports on the new schedules.  

This cybersecurity incident occurred at the least opportune time for the company, as on average December 21, 22 and 23 are the busiest in almost any airport in the world. In addition, because countless travelers often search for last-minute bookings to find the best prices, many airlines’ systems are likely to experience some failures during the holiday season.

According to specialists from the International Institute of Cyber Security (IICS), high numbers of cyberattacks are also recorded during these dates. The increase in consumption, especially on some e-commerce websites, makes thousands or even millions of payment card holders vulnerable to information theft, phishing attacks, identity fraud, among many other cyberattack variants.