What’s worse?
Being hit by ransomware attack that sees criminals steal information about your staff and passengers…
or…
Being hit by ransomware attack that sees criminals steal information about your staff and passengers, AND then have the gang tell the world that your firm’s IT infrastructure is so chaotic, poorly-secured, and downright irritating that it refuses to repeat the attack.
That’s the humiliating slap in the face given by the Daixin Team ransomware gang to Air Asia which lost the personal data of five million passengers and all employees earlier this month.
As DataBreaches.net reports, the incompetence of AirAsia may actually have spared the airline from further attacks:
“The chaotic organization of the network, the absence of any standards, caused the irritation of the group and a complete unwillingness to repeat the attack,” the spokesperson for Daixin Team said. “The group refused to pick through the garbage for a long time. As our pentester said, ‘Let the newcomers sort this trash, they have a lot of time.’”
“The internal network was configured without any rules and as a result worked very poorly. It seemed that every new system administrator ‘built his shed next to the old building.’ At the same time, the network protection was very, very weak.”
Ouch.
AirAsia declined to comment on the DataBreaches.net report. Frankly you can’t blame them for ducking that one.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
They don't reply here like they don't reply the customers 😅
I guess is because Air Asia not have money to pay ransom.