Ransomware hits a large airline technology provider Accelya

August 26, 2022

A ransomware incident recently hit a major airline technology provider, Accelya, impacting its internal systems and causing minor operational disruption. Some of the well-known clients of the affected firm include British Airways, Delta, American Airlines, and JetBlue.

With over 250 airline partners from nine countries, Accelya is known for providing cargo, passenger, and industry analytics platforms.

Accelya teamed up with security experts to investigate the incident, and they learned that some of the company's corporate data, such as emails and contracts, had been leaked on the ransomware site of a threat group, the prolific BlackCat ransomware (aka ALPHV).

The ransomware strain launched on the airline technology provider's systems was immediately quarantined before it could spread.

A representative of Accelya added that the attack was only spotted in a contained portion of their overall environment. There was no evidence that any malicious payload had moved laterally across their networks and customer environments.

However, the airline technology provider and its security team are still going through the leak site of the BlackCat threat group, where their company data had allegedly been posted.

Since the beginning of this year, reports have described the airline sector as a prime target for ransomware groups. An Indian airline firm, SpiceJet Airline, was victimised last May. Meanwhile, a fighter jet supplier, Top Aces, was also hit with ransomware in the same month.

Experts stated that BlackCat/ALPHV remains a notorious and active cybercriminal ransomware group. Aside from its recent attack on the airline technology provider, the group was also spotted victimising government institutions, energy companies, gaming firms, and universities.

There is also speculation that the BlackCat group is a rebrand of the infamous DarkSide/BlackMatter ransomware group, which is allegedly behind the massive attack on the Colonial Pipeline that made headlines last year.

Ransomware attacks are known to inflict great damage on their victims, including major corporations across several sectors. Companies and organisations are therefore warned to be more cautious and to implement stronger cybersecurity measures on their systems.
