Russian flight booking system suffers ‘massive’ cyberattack

Siva Ramakrishnan
A Russian flight booking system was hit by a cyberattack on Thursday, causing delays at airports.

A Russian flight booking system was hit by a cyberattack on Thursday, causing delays at airports.

A “massive” distributed denial-of-service (DDoS) attack on the local airline booking system Leonardo was carried out by “foreign hackers,” reported one of the system’s developers, Russian state defense company Rostec.

The incident lasted about an hour and affected the operation of several Leonardo customers, including Russian air carriers Rossiya Airlines, Pobeda and flagship airline Aeroflot. DDoS attacks overwhelm websites with a flood of traffic, making them temporarily unavailable to users.

According to Aeroflot, the incident caused delays of up to an hour for departures at Moscow’s Sheremetyevo International Airport — the busiest in the country.

Leonardo is used by more than 50 Russian carriers and serves around 45 million passengers annually, according to the Russian news agency Interfax.

The Ukrainian hacktivist group IT Army claimed responsibility for shutting down Leonardo.

“While you [Ukrainians] are sipping lattes, our friends up north are stuck in queues, trying to book flights,” the hackers reported on their Telegram channel. “Well done IT Army!”

According to Rostec, Leonardo is constantly experiencing “large-scale and unprecedented” attacks.

The flight booking system has “encountered dozens of these incidents in recent months, with around five attempts recorded in September,” the agency stated.

“It’s clear that there’s an actual cyberwar waged against Russia. Its goal is to damage the Russian IT infrastructure and disrupt the work of the most important industries.”

Earlier this month, a cyberattack suspected to be carried out by a pro-Russia hacking group caused widespread service disruptions at several Canadian airports. On the same day, Canada’s largest airline announced a data breach that involved the information of employees.

No group has claimed responsibility for the attack on Air Canada, but the country’s businesses have suffered relentless attacks from Russian threat actors since Canada’s government announced its support for Ukraine last year.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Divided oversight panel recommends new limits for Section 702 searches

Next Post

Tech industry leaders and White House clash over plan for improved cloud security

Related Posts

Microsoft Releases PyRIT – A Red Teaming Tool for Generative AI

Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team
Omega Balla
Read More

Getting off the Attack Surface Hamster Wheel: Identity Can Help

IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it and how to manage it.  The process is simple: begin by thoroughly assessing the attack surface, encompassing the entire IT environment. Identify all potential entry and exit points where unauthorized access could occur. Strengthen these vulnerable points using
Read More