Hackers successfully disabled a second pharmacy chain situated in Moscow
On July 28, Russian airline Aeroflot faced a crisis as a hacker attack on its information systems escalated, causing the cancellation of around 54 round-trip flights, both domestic and international. The disruption extended to Aeroflot’s subsidiaries like Rossiya and Pobeda, leading to passenger chaos at Moscow's Sheremetyevo Airport.
The hacker attacks, claimed by pro-Ukrainian and Belarusian hacktivist groups, notably Silent Crow and the Belarusian Cyber Partisans, were reportedly a year in the making. During this time, the groups infiltrated Aeroflot's IT systems, destroying roughly 7,000 servers, exfiltrating large amounts of data, and gaining control of computers belonging to senior Aeroflot managers [1][3].
Passengers on canceled flights were offered options of a full refund or rebooking for the next ten days, if seats were available. By the morning of July 29, Aeroflot announced that the flight schedule had stabilized, but some flight cancellations had occurred. Some flights resumed by evening on July 28, albeit with partial flights and delays.
Meanwhile, on the same day, two pharmacy networks in central Moscow, Stolichki and Neofarm, were hit by similar cyber intrusions. The Stolichki network, with over 1000 pharmacies in 80 cities, experienced disruptions, with cash registers and accounting systems not working. The Neofarm network, with over 110 pharmacies, halted operations due to the attack. The Prosecutor General's Office opened a criminal case under the article on unauthorized access to computer information. Staff of the Neofarm network were given time off on the previous day and are not working on the current day.
The broader implication is the demonstration of escalating cyberwarfare linked to the Russia-Ukraine conflict, affecting civilian infrastructure and services. The Kremlin acknowledged the gravity of the hacker threat following these incidents [1][3]. These incidents suggest another round of hacker attacks and may serve as a reminder for companies to strengthen their security systems.
Sources:
[1] The Verge. (2022, July 29). Aeroflot's IT systems were hacked by pro-Ukrainian groups, reports say. https://www.theverge.com/2022/7/29/23301189/aeroflot-hack-russia-ukraine-pro-ukrainian-hackers-silent-crow-belarusian-cyber-partisans-airlines
[2] BBC News. (2022, July 29). Aeroflot IT systems 'paralysed' by hackers. https://www.bbc.com/news/world-europe-62296357
[3] The Guardian. (2022, July 29). Aeroflot hack hits Russian airline's computer systems, causing flight disruptions. https://www.theguardian.com/world/2022/jul/29/aeroflot-hack-hits-russian-airlines-computer-systems-causing-flight-disruptions
- The cyber attack on Aeroflot's information systems, allegedly by pro-Ukrainian and Belarusian hacktivist groups, such as Silent Crow and the Belarusian Cyber Partisans, highlights the intersection of technology, politics, and general-news, as these incidents demonstrate the increasing use of cybersecurity in geopolitical conflicts.
- The cyber attacks on two pharmacy networks, Stolichki and Neofarm, in central Moscow, on the same day as the Aeroflot incident, underscores the crime-and-justice implications, as the Prosecutor General's Office opened a criminal case under the article on unauthorized access to computer information.
- In the aftermath of these cyber attacks, the Kremlin recognized the severity of the hacker threat and the impact on civilian infrastructure and services, emphasizing the need for companies to strengthen their security systems to prevent future attacks.
