According to Russian sources, Rosaviatsia, the country’s Federal air transport agency, fell victim to a cyberattack and lost 65 TB of data!
Russia’s invasion of Ukraine has had numerous effects in and out of both countries. One of them is that groups of hackers have focused their cyberattacks on organizations in Russia and Ukraine. This has already caused other disruptions. But today we are getting news that such an attack has had a massive effect on Rosaviatsia. This organization is the country’s aviation regulator, equivalent to the FAA in the US, or EASA in Europe.
Russian aviation sources claim that the cyberattack started last Saturday. From Monday (the 28th of March), the website of the air transport agency stopped working. Rosaviatsia’s other websites also went offline. Officially, the agency has not offered a reason for this issue. But according to The Aviation Herald, Rosaviatsia released the following statement:
“Due to temporary lack of access to Internet and malfunction of the electronic document flow system of Rosaviatsia the Federal Agency for Air Transport is switching to paper version.
“The document flow procedure is being determined by the current records management instructions.
“Information exchange will be carried out via AFTN channel (for urgent short message) and postal mail.
“Please make this information available to all Civil Aviation Organizations.”
Effects of the Cyberattack on the Russian Aviation Agency
Some Russian sources don’t attribute this event to a cyberattack. Instead, they are connecting it to an alleged change of leadership in the organization. The changes could also include a substantial restructuring in Rosaviatsia. But clearly, this is a very serious disruption for the agency. More seriously, other sources in the country allege that Rosaviatsia lost its entire database, consisting of 65 Terabytes of data.
This information includes aircraft registration data, many documents and e-mails going back one and a half years. According to the same sources, the Russian agency can’t use backups to recover from this cyberattack. This is because a lack of funds means that it doesn’t have backups of this data. Rosaviatsia reportedly uses a third-party contractor, responsible for maintaining their organization’s IT network.
Of course, this is coming at a time when Rosaviatsia has been rather busy. The agency has had to register a lot of leased aircraft, that airlines previously agreed to keep in the Bermuda and Ireland registries. The agency also had to approve some Russian maintenance, repair and overhaul (MRO) facilities to work on more aircraft types.
As ever, a lot of the information relating to the Russian invasion of Ukraine is hard to verify. But the Rosaviatsia website still remains offline, as of this writing.
The Anonymous group of activists and hacktivists denies any involvement in this attack. Also, the group says it does not intend to perform any cyberattacks that might endanger lives.