Ouch! Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked airline’s network

“Garbage”

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Ouch! Ransomware gang says it won't attack AirAsia again due to the "chaotic organisation" and dreadful security of hacked company's network

What’s worse?

Being hit by ransomware attack that sees criminals steal information about your staff and passengers…

or…

Being hit by ransomware attack that sees criminals steal information about your staff and passengers, AND then have the gang tell the world that your firm’s IT infrastructure is so chaotic, poorly-secured, and downright irritating that it refuses to repeat the attack.

Sign up to our free newsletter.
Security news, advice, and tips.

That’s the humiliating slap in the face given by the Daixin Team ransomware gang to Air Asia which lost the personal data of five million passengers and all employees earlier this month.

Passenger data

As DataBreaches.net reports, the incompetence of AirAsia may actually have spared the airline from further attacks:

“The chaotic organization of the network, the absence of any standards, caused the irritation of the group and a complete unwillingness to repeat the attack,” the spokesperson for Daixin Team said. “The group refused to pick through the garbage for a long time. As our pentester said, ‘Let the newcomers sort this trash, they have a lot of time.’”

“The internal network was configured without any rules and as a result worked very poorly. It seemed that every new system administrator ‘built his shed next to the old building.’ At the same time, the network protection was very, very weak.”

Ouch.

AirAsia declined to comment on the DataBreaches.net report. Frankly you can’t blame them for ducking that one.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.

2 comments on “Ouch! Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked airline’s network”

  1. Ami

    They don't reply here like they don't reply the customers 😅

    1. Tan Tiong Meng · in reply to Ami

      I guess is because Air Asia not have money to pay ransom.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.