• rajesh273

Ransomware that couldn't: some good news

The Target

Swissport International Ltd. is an aviation services company providing airport ground, lounge hospitality, and cargo handling services owned by an international group of investors.

It handles around 282 million passengers and 4.8 million tonnes of cargo annually, on behalf of some 850 client companies in the aviation sector.


What Happened

Swissport announced on February 4rth, 2022, that a part of their IT infrastructure had been attacked by ransomware. This caused some temporary delays.


At this point, it is not known what malware was installed nor what was ransomed.


Response

  1. Some of Swissport's IT infrastructure was taken offline.

  2. Backup systems were brought online

  3. Some processes were switched to manual mode.

  4. Most of their systems are getting scrubbed, their website is back online, and it is almost business as usual.

This is pretty unusual for a company hit with ransomware where they go offline for days and have no Incident Response or Disaster Recovery.


The Colonial Pipeline, for example, caused massive gas shortages, panic buying of gasoline, shutdowns, etc. Colonial was vastly underprepared to handle any cyberattack, let alone a ransomware attack.


Lessons

  1. Everyone is vulnerable to ransomware. BUT

  2. Having a coordinated strategy to respond and restore is invaluable. HOWEVER,

  3. It costs more to respond than the actual ransomware payment demanded; Swissport had to move its operations around, and its effort to clean up its systems probably cost more than any ransomware payment demanded, even if you paid (or didn't). BUT

  4. One can face down hackers and win.

References

  1. Swissport on Twitter.

  2. Airways Magazine: Swissport Recovers from Ransomware Attack




8 views0 comments

Recent Posts

See All

The latest White House development in cryptocurrencies, Executive Order (EO)on Ensuring Responsible Development of Digital Assets, is geared towards bringing the world of blockchain in general, and c