
By Aneesh Phadnis, business-standard.com
SpiceJet operations were impacted on Wednesday after its systems faced a ransomware attack.
“Certain SpiceJet systems faced an attempted ransomware attack last night. While our IT team has, to a large extent, contained and rectified the situation, this has had a cascading effect on our flights leading to delays. Some flights to airports where there are restrictions on night operations have been cancelled. SpiceJet is in touch with expert and cybercrime authorities on the issue,” the airline said in a statement.
A source said the airline’s software which deals with operations and flight planning came under attack in early hours of Wednesday. Airlines use software to keep a record of hours flown by pilots. This helps tool them in assigning duties considering regulations on flight duty time. It also helps an airline to keep a record of hours flown by each aircraft and helps in maintenance purposes too.
The source added that as SpiceJet system came under attack its operations department switched to manual mode on Wednesday. The airline is working to shift its systems to a secured server.
While the airline tweeted earlier in the day about impact on its operations, this did not convince the customers. “Operating normally?? We are stuck here since 3 hours and 45 minutes. Neither cancelling nor operating, sitting in the flight, not even the airport. No breakfast, no response,” Mudit Shejwar tweeted from inside an aircraft.
This is the second instance of SpiceJet flight disruption in five days. On May 20 the airline’s morning departures were delayed as it was unable to make necessary payments to the Airport Authority of India which provides air traffic control services in the country. Operations were normalized in a few hours after the airline managed to make necessary payment manually.
In February airport services firm Swissport reported that its systems were targeted by ransomware. It provides cargo handling, security, maintenance and other services at airports around the globe. The company said affected infrastructure was quickly taken offline and fallback systems were operationalised