Biman operation suffers as hacked email server not yet restored

Despite the malware attack, which took down a key server, Biman did not need to suspend flight operations

11 April, 2023, 12:15 pm

Last modified: 11 April, 2023, 12:26 pm

File Photo. Picture: Collected


File Photo. Picture: Collected

Biman Bangladesh Airlines has been facing difficulties in its internal communication, with the national carrier struggling to restore its email server even three weeks after a ransomware cyber-attack on 18 March.  

With no data access, Biman management has been collecting information from its employees. Last week, the national carrier asked all its pilots to send their flying hours, availed days off and leaves, said a senior executive of the carrier.

“Internal communication is in a mess now. We do not have access to our office email yet and we are facing trouble communicating with foreign stations,” said another official, wishing anonymity.

“In March, Biman disbursed salaries to its employees based on the previous month’s receipt as there was no record of salaries after the cyber attack,” said the official.

However, flight operations have not been affected as the Biman authorities have been maintaining communication with their pilots through personal emails and WhatsApp, according to officials. 

Meanwhile, ticket sales for international flights dropped nearly 20% in March, which is also blamed partially on the server staying down, given that Biman does not have any previous ticket selling record.

Speaking on the issue, Md Mahbub Ali, State Minister of Civil Aviation and Tourism, said, “We had a meeting with the board of Biman last week on the overall situation of their IT system.”

He claimed that the cyber attack could not do much damage as the server had been isolated immediately.

“The ICT ministry is working on restoring the server,” the minister said, adding that not only Biman but some foreign airlines also experienced such attacks in recent times.

Earlier on 18 March, Biman’s server was subjected to a cyber attack. The company issued a press release over the incident on 23 March, releasing the information that some computers of the company had come under malware attack and that the suspected servers were immediately isolated.

The press release added that the national carrier introduced an alternate cloud service to run its regular operational activities.

In February, the German flag carrier Lufthansa came under a cyber attack, causing its IT system to go down, disrupting flight operations. It left thousands of passengers stranded at Frankfurt airport.

A day after the Lufthansa incident, the websites of at least three airports in Germany – Dusseldorf, Nuremberg and Dortmund – went offline, which was blamed on hacking as well, according to global media reports.

A report by the International Federation of Airworthiness (IFA) titled ‘Airlines under attack: Faced with a rising tide of cybercrime, is our industry resilient enough to cope?’ found that there were 62 ransomware cyber-attacks on global aviation stakeholders in 2020 alone, equal to a once-a-week attack, and in 2021 new records were set with $50 million in demands made.

According to the report, aviation faces a ransomware attack every week (i.e. where an attacker gains control over all or part of an organisation’s computer system and refuses to give the system back until a ransom has been paid).

These attacks present serious threats to business continuity and often have severe financial impacts even before factoring in any ransoms paid, the cost of buybacks of data, or the costs required to take back control of internal systems. The price of ransomware mitigation measures alone is expected to cost global companies over €20 billion a year.

Though Biman Bangladesh Airlines came under attack, it did not need to suspend flight operations or delay flights, according to Biman officials.

Biman authorities did not disclose if any classified information on passengers was leaked after the cyber attack as an investigation on the incident is still going on.

According to the IFA report, there are a growing number of state-sponsored or highly organised crime syndicates capable of conducting large-scale targeted intrusions to disrupt operations and steal valuable intellectual property as well as extort money.

Airlines are an irresistible target for cybercriminals, with an estimated €1 billion lost from fraudulent websites each year.

The report also identifies the “Big 3” attacks used to target airlines, namely, fake websites, data theft and phishing.

Related Posts