20 airlines hit by cyberattack on saber flight reservation system

A security report mentions that the Radixx Res reservation system, a subsidiary of Sabre Corporation, has been compromised by a cyberattack using a dangerous malware variant. While the report notes that Sabre’s systems were not affected by this incident, the attack has rendered 20 airlines’ booking systems unusable, impacting thousands of customers.

Experts note that the airlines concerned include Peach Aviation, ZIPAIR, Air Belgium, Sky Airlines, Air Transat, Vietravel, Aero K Airlines, Salam Air, FlySafair, Air India Express and Wingo.

As mentioned above, the disruption of these systems has affected many passengers, preventing them from being able to purchase flight tickets, change seats and even cancel or confirm reservations made through the websites of the affected airlines.

So far the company that owns the affected system has not revealed what kind of malware the threat actors used behind this incident, although some members of the cybersecurity community believe it is highly likely to be a ransomware attack.

As you will remember, ransomware is a type of malware capable of blocking infected files and systems, demanding a ransom from victims in exchange for restoring access to affected systems. These ransoms must be covered in cryptocurrency due to anonymity and ease of settlement of the transaction.

This hypothesis could be confirmed in the coming days if it is an attack operated by ransomware as a service (RaaS) groups, as these attacks also often involve the theft and leakage of sensitive information as a way to force ransom payment. Over the next few days researchers working with Radixx Res will be monitoring the most popular hacking forums on the dark web for any indication of the attack.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.