Cyberattack shuts down airline operations for a month. All flights cancelled

Sometimes a cybersecurity incident can be even more dangerous than expected at the beginning. Unfortunately this seems to be the case of RavnAir Group, a regional airline that suffered a ransomware attack about a month ago.

At first the company executives reported that the incident only caused the cancellation of a dozen flights, however, new reports indicate that, after a month, RavnAir keeps dealing with the malware infection to the extent that it could cancel many more flights during the rest of January.

After a few days of dealing with the effects, RavnAir issued a new statement to make it known that the impact of the cybersecurity incident was greater than initially estimated, so the company would continue to experience some problems throughout the month of January, a situation that could be extended throughout February.

Ravn reported that there are expected some problems in the scheduled schedules of its Ravn Connect and Frontier Flying Services flights, which are continuous flights and mainly focused on connecting Alaska with other territories, as well as delivering supplies to the most isolated communities in the territory.

Company spokeswoman Debbie Reinwand said flight cancellations and delays will continue until RavnAir, in collaboration with a cybersecurity firm, manages to completely eradicate ransomware and restore its systems: “We request the patience of our users; operations will soon return to normal,” she added. The airline is also supported by the FBI for the investigation of the incident and its actual impact.

It is unclear whether the attackers were able to access the personal records stored by the airline, although finding out this could be a matter of time. According to the International Institute of Cyber Security (IICS), the Alaska Personal Information Protection Act requires companies with more than ten employees to report any incidents related to the security of their employees’ or users’ data.

Although this law does not set a deadline for submitting this report, experts say it is best to notify authorities of these incidents as soon as possible, as a report filed in a timely manner can help prevent the impact of a cyberattack on affected users.