Scandinavian Airlines (SAS) notified its customers of a cyberattack that caused its systems to malfunction. This led to an outage of its website and app to last for hours, also exposing passenger data in the process.
The Cyberattack
The airline has 131 aircraft and can fly its passengers to 168 locations. The cyberattack caused passenger data to be accessible to other passengers, exposing information like contact details, previous and upcoming flights, and the last four digits of their credit card numbers.
However, the transportation company said that the risk is minimal since the information leaked was only partial, and no passport details were exposed. There's still the risk of having the full names and contact details out in the open, which may lead to phishing attacks and scams.
Scandinavian Airlines stated that there are monitoring the situation closely and continue to work to analyze and evaluate the attack, as well as the consequences that come with it. They have also taken preventive measures, as mentioned by Bleeping Computer.
The airline is already cooperating with the National Civil Aviation Agency, as well as security police. SAS also mentioned that the kind of attack they were subjected to comes in batches, and more attacks are likely to follow. They clarified that it will not affect passenger data.
The Hackers
A hacker group already claimed responsibility for the attack on the airline, who are hacktivists that go by "Anonymous Sudan." They released their statement through their Telegram channel, stating why they did the attack in the first place, and that Russia had nothing to do with it.
The statement reasons that the attack was in response to the burning of the Qur'an, which occurred in front of the Turkish embassy located in Stockholm, Sweden on the 21st of January 2023. This has caught the ire of Muslims from all around the world.
Reports say that a far-right nationalist group had burned a copy of the Qur'an in response to Turkey turning down Sweden's NATO membership bid. The hacker group hit back by hacking into Sweden's main airline.
The hackers also said that they will be continuing the attacks in a "large and violent" manner, which they will only stop once the Swedish government issues an apology about the burning of their Holy Qur'an.
The Sudanese threat actors also hacked into Sweden's main public TV broadcaster, SVT. The attack made it impossible to access the company's websites. SVT's Director of Technology Adde Granberg said that they received calls saying their servers were abnormal.
The company mentioned that it might've been a denial-of-access attack, according to Euractiv. This type of hacking might lead to their computer systems experiencing disturbances due to restriction of use.
Although, they clarified that it will not cause permanent damage or leak "secret information." Other media companies and universities were also subjected to such issues. Swedish universities like the Karolinska Institute and Swedish University Network were included.
Anonymous Sudan also threatened to subject Swedish authorities and banks to cyberattack, reports say. IT experts in SVT believe that either Russian hackers were behind the attacks or they were assisting the Sudanese hacker group.
Related: City of Oakland in State of Emergency Due to Ransomware Attack
