airline jet

Scandinavian Airlines hit by cyberattack, ‘Anonymous Sudan’ claims responsibility

A cyberattack on Scandinavian Airlines (SAS) knocked its website offline and exposed some customer data on Tuesday. Customers who attempted to log into the SAS mobile app were sent to someone else’s account and had access to their contact information and itineraries, among other things.

SAS said in a statement that there was “no risk that this information could be exploited” and that passport details were not part of the compromised information, according to a company statement. SAS is the flagship carrier for Denmark, Norway and Sweden and did not respond to The Record’s request for more information about how many customers were affected by the breach.

It was a tough Valentine’s Tuesday for Sweden more generally. A cyberattack took its national public television broadcaster, SVT, offline temporarily and a number of its companies, universities and telecom operators were also on the receiving end of cyberattacks.

A group calling themselves “Anonymous Sudan” took responsibility for both attacks, and SVT said in a statement posted on its website that the group blamed the burning of a Quran during demonstrations in January protests in Stockholm for motivating the attacks. A statement by people claiming to be part of Anonymous Sudan posted a statement on Telegram saying as much.

“We will continue the attacks in a large and violent manner, if an official apology is not issued by the Swedish government regarding the burning of the Quran,” the group said.

Meanwhile, pro-Russian hackers from the UserSec group said on Telegram they were helping Anonymous Sudan attack Sweden’s airports.

Earlier on Tuesday, hackers from a group called Al-Toufan claimed responsibility for taking down  websites for Bahrain’s international airport, its state news agency, and a chamber of commerce. They said it was to mark the 12-year anniversary of the country’s Arab Spring uprisings.

The Bahrain airport website was unavailable for at least a half an hour on Tuesday. As of Wednesday, the group appears to be continuing its attacks on other companies and organizations in Bahrain.

Over the past few months, airlines around the world have increasingly suffered from cyberattacks and technical issues. Lufthansa was forced to cancel or divert flights to Germany’s busiest airport in Frankfurt on Wednesday due to an IT failure that left thousands of passengers stranded.

In January, a technical glitch crippled thousands of flights across the United States. A preliminary investigation has traced the issue to a damaged database file, with no evidence that hackers were behind it, though U.S. officials cautioned that much of the country’s aviation industry uses outdated systems, making them easy targets for criminal and nation-state hackers who want to wreck havoc.

The White House organized meetings with aviation industry leaders aimed at seeing if there are ways to beef up cybersecurity alongside that of other key sectors of the American economy. In the meantime, U.S. officials want to require that all cybersecurity incidents experienced by aviation firms are reported to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Daryna Antoniuk

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.