Full -restoration of infrastructure can cost Aeroflot another tens of millions of dollars. Before the outbreak of war, the infrastructure of the aerofłot consisted almost exclusively of the software of the largest Western companies – SAP, Sabre and Lufthansa.
The Belarusian group “Cyberpartyzans” and the Ukrainian “Silent Crow” took responsibility for cyber attack. Hackers stated that they won 22 terabytes and destroyed seven thousand. servers.
“It was a matter of time”
Despite the substitute import program announced by the Russian state, including in the IT industry, the government turned a blind eye to the use of foreign software by large companies that had to remain competitive on the global market.
In fact, Aerofłot began to reduce the participation of Western software only after the release of the decree of Russian President Vladimir Putin “on means of ensuring technological independence and critical security of the information infrastructure of the Russian Federation”. The document signed on March 30, 2022, forbade the further purchase of foreign software in critical information infrastructure facilities, including transport.
Continued article under video material
Then, in the aerofłota, rapid importing of import began. Instead of the SABRE booking system, Aerofłot implemented the Russian Leonardo system from Sirena-Travel, the Swedish technical service system of AMOS aircraft was replaced by the Kupol system developed by Rostec, and the transition from the SAP system to 1C began.
Many smaller IT systems Aeroflot began to develop independently, for this even a subsidiary of Aflt-Systems was created.
As a result, by 2025, Aeroflot still used various IT solutions. Judging by all this, inside the Aeroflot there is currently something that IT specialists call “ZOO” – a mixture of Russian, their own and still not replaced imported software. Finding something susceptible to attack in this chaos was only a matter of time and perseverance of the attackers.
“Everyone has collapsed the case”
So far, the General Prosecutor's Office has initiated only one criminal proceedings after an attack on an aerofłot infrastructure – based on an article on unlawful access to computer information (272 of the Criminal Code of the Russian Federation). This is a standard procedure for hacker attacks.
Soon, the case may be influenced by the unlawful impact on critical information infrastructure (274.1 of the Criminal Code of the Russian Federation), which may include the management of Aerofłot, as well as its contractors. In addition Aerofłot is threatened by a multi -million fine for leakage of personal data (It is not clear yet whether this leak took place during a hacker attack, which occurred on July 28).
Pursuant to Russian law, the infrastructure of the aerofłot should be connected to the state detection, warning and liquidation system of computer attacks (Gossopka). The FSB, which manages this system, was obliged to install special software to detect the attack in time.
In short, it seems that everyone has collapsed the case – including the relevant FSB units.
I’m Ashley Davis as an editor, I’m committed to upholding the highest standards of integrity and accuracy in every piece we publish. My work is driven by curiosity, a passion for truth, and a belief that journalism plays a crucial role in shaping public discourse. I strive to tell stories that not only inform but also inspire action and conversation.
