A major supplier of international aviation was attacked by ransomware, and the aviation industry has become the main target of ransomware

0
117

·Accelya, a technology supplier serving major airlines in the United States and the United Kingdom, revealed that some systems have been affected by ransomware attacks recently;

·The AlphV/BlackCat ransomware gang has released data allegedly stolen from Accelya, including emails, employee contracts, and more;

·The aviation industry has become a major target of ransomware gangs. In May of this year, India’s Spice Airlines and Canadian fighter training service providers were all hit by ransomware attacks.

As a technology provider serving many of the world’s largest airlines, Accelya said that it has just suffered a ransomware attack recently, and some systems have been affected. Data disaster recovery has been taken in measures.

Accelya’s customers include Delta Air Lines, British Airways, JetBlue Airways, United Airlines, Virgin Atlantic Airways, American Airlines and many other well-known airlines.

Ransomware publicly released to steal data

On August 23, the company disclosed that two security vendors it hired to resolve the matter found that Accelya internal data had been posted to a dedicated ransomware leak site.

Last Thursday (August 18), the AlphV/BlackCat ransomware gang released data allegedly stolen from Accelya. The gang said the stolen data included emails, employee contracts and more.

A spokesman for Accelya said the experts they hired managed to “quarantine” the ransomware, preventing it from spreading further within the system.

“Our forensic investigators confirmed that only a portion of the overall environment was affected. There is no evidence that malware may have moved laterally through our systems into our customers’ environments,” the spokesperson said.

They also added that Accelya is reviewing data posted on the AlphV leaked website last week and will issue notifications to customers affected by the information breach.

Accelya is mainly responsible for providing passenger, cargo and industry analysis platforms for major aviation industry companies, and maintains cooperative relations with more than 250 aviation companies in 9 countries.

In 2022, the aviation industry has become a major target of ransomware gangs. In May, India’s SpiceJet and Canada’s fighter jet training service were both hit by ransomware attacks.

Who is the AlphV/BlackCat ransomware?

AlphV/BlackCat, one of the most active ransomware gangs, launched an attack on the city government of Alexandria, Louisiana just last month, and several universities this spring.

Also last month, the gang attacked two Luxembourg energy companies and the Japanese video game giant Bandai Namco.

According to several experts, AlphV/BlackCat is actually the “vest” of the BlackMatter ransomware gang, and BlackMatter is the product of a makeover of the DarkSide ransomware gang. This DarkSide has a lot of background, and the biggest action is the attack on the Colonial Pipeline Transportation Company that shocked the world.

A representative of the gang told The Record in February that most of the major ransomware gangs had some form of connection.

Referring to AlphV’s relationship with BlackMatter and DarkSide, the representative said, “So to speak, we borrowed their strengths while avoiding their weaknesses.”

As of March, law enforcement agencies had tracked at least 60 ransomware attacks by the AlphV/BlackCat gang, the FBI said in its April alert.

Cyberattacks are a growing danger to organizations and businesses of all sizes across all industries today. Storage systems may appear to have nothing to do with a company’s cybersecurity posture and plans, but they may be the most effective protection. Some characteristics and components of online equipment backup, such as ease of administration, low cost, and storage compatibility, make it critical to secure sensitive data from ransomware assaults, assisting in the development of impenetrable cloud storage space for business information facilities, and efficiently preventing ransomware strikes. RHV Backup, VMware Backup, Xenserver Backup, oVirt Backup, and other well-known VM backup services are listed below.