AirAsia is a Malaysian multinational airline that had a ransomware attack by a hacker group called Daixin Team. They are responsible for hacking the data of 5 million employees and passengers.
What is Ransomware Attack?
Ransomware is a type of malware that prevents users from accessing their data on a computer by locking the file systems or computer screens.
It then attempts to prompt a ransom note on the computer asking the victims to pay in the form of digital currency like Bitcoin to restore access to their data and computers.
How did it happen?
Hackers were able to get into employee and passenger information on the air Asia system because of a security flaw. They found a way to get to their data and then started leaking it online by putting it in two files that they shared (Markets, 2022). The Air Asia ransomware incident occurred on November 23, 2022. This ransomware incident resulted in the compromise of the personal information of five million consumers and staff.
On one of the files, a sample of personal information was said to include passenger IDs, full names, and booking IDs. On the other file, a sample of personal information was said to include employee information, such as country of birth, date of hire, secret questions and answers, and so on. Air Asia also talked to the hackers, but the airline did not pay the demanded ransomware amount to the hackers.
Analyze the Incident
Initial assessments indicate that an illegal server intrusion at AirAsia caused the issue on November 12th. Sensitive company information has been compromised as a result of the ransomware attack. Hackers obtained access to critical staff and passenger data on the Air Asia system due to a security failure. They discovered a way into two files they had been exchanging online and have begun leaking information from them. Malaysia’s Communications and Digital Minister, Fahmi Fadzil has advised all data users to be extra cautious and to routinely strengthen their information and computer infrastructure’s cybersecurity safeguards (Straits, 2022).
How to Prevent Ransomware Attacks?
There are various means by which we might defend ourselves against ransomware attacks.
1) Educating your team is one way to combat ransomware. A good education should help people spot and counter phishing. Real-time cyberattack simulation training and practice.
2) Macros contained in email attachments should not be opened. When the user opens the attachment and activates the macros, the malicious code is run.
3) Always update OS and apps. Most cyberattacks target software with known security weaknesses. Checking for updates reduces the number of exploitable vulnerabilities.
4) Use a backup and recovery strategy for your most important data. Keep regular backups, test them, and use them to reduce the effect of any data or system loss and speed up recovery.
5) Performing Penetration Testing, which is a security vulnerabilities testing method for your company’s IT infrastructure, such as networks, servers, and computers, including any web or mobile applications.
Employees might be the target of sophisticated phishing attacks. Therefore, cyber security awareness training for safety in modern institutions is in dire need. Condition Zebra has formed a partnership with KnowBe4 to provide organizations with up-to-date security awareness training.
If you’re looking to leverage our expertise, that is to get the best solutions that demonstrate the highest levels of knowledge, skills, and competence, then reach out to us today!
How we can help:
Free Phishing Security Test
The purpose of this Free Phishing Security test is to provide a safe space for IT teams to implement email phishing simulations for all the employees in the company.
Find out what percentage of your employees are at risk and how many users are clicking on phishing links.
IT Security Awareness Program
Introducing, KnowBe4 Security Awareness Training Platform, the world’s largest security awareness training content library, including interactive modules, videos, games, posters, and newsletters. Automated training campaigns with scheduled reminder emails
The significance of cybersecurity awareness training for employees cannot be overstated. If they are well taught and aware of the types of attacks they may face, they will know what action to take. This will protect them against any type of attack, regardless of its severity.
- Market, T.E. 2022. AirAsia hit by a ransomware attack, five million passenger and employee data compromised. Available at: http://www.theedgemarkets.com/article/airasia-hit-ransomware-attack-5-million-passenger-and-employee-data-compromised
- Strait, T. 2022. Malaysia conducts probe into AirAsia ransomware attack, data of 5 million people affected. Available at: https://www.straitstimes.com/asia/se-asia/malaysia-conducts-probe-into-airasia-ransomware-attack-data-of-5-million-people-affected
- Zebra, C. 2022. IT Security Awareness Program – Condition Zebra | Cyber Security Company Malaysia. Available at: https://condition-zebra.com/security-awareness-program/