Over 100 flights cancelled by Russia’s national airline Aeroflot and servers destroyed by hackers

Aeroflot has experienced significant disruptions due to a cyberattack by the hacking group Silent Crow, which claims to have severely compromised the airline's IT infrastructure on July 28, 2025. The group alleges that they have accessed Aeroflot's systems for over a year, resulting in extensive damage that could cost millions to repair. The attack led to a paralysis of essential operations, affecting check-ins and the availability of online services, subsequently leaving many passengers stranded at Moscow's Sheremetyevo Airport.

In the aftermath of the attack, Russian authorities initiated a criminal investigation into the cybercrime, while Aeroflot acknowledged a system failure. The hackers have threatened to release sensitive personal data about Aeroflot passengers and internal communications unless their demands, which include ceasing military actions, are met. The incident has had a notable impact on Aeroflot's stock, resulting in a 4% decline.

From a transportation perspective, this incident underscores the vulnerability of critical infrastructure to cyber threats. Airlines rely heavily on IT systems not only for operations but also for passenger data management and communications. A successful attack of this nature can have long-lasting impacts beyond immediate service disruption, potentially leading to a loss of consumer trust and significant financial repercussions. It raises the urgency for airlines and transportation entities to bolster their cybersecurity measures and develop robust disaster recovery plans to mitigate the effects of such attacks in the future. The potential for geopolitical issues to intersect with transportation security highlights the need for a coordinated response and international cooperation in cybersecurity efforts.