**Russian Airline Hack Came Through Third-Party Tech Vendor**

A shocking revelation has emerged in the wake of a devastating cyberattack on Aeroflot, Russia's flagship airline. The hack, which disrupted operations and grounded dozens of flights, was allegedly carried out through an outside software developer that had access to the carrier's IT network.

According to reports from local news outlet The Bell, Bakka Soft, a Moscow-based company, worked on Aeroflot's iOS apps and quality management systems. The publication cited two sources familiar with the investigation as well as those close to the company.

The cyberattack in question took place in late July this year, resulting in more than 100 grounded flights, tens of thousands of passengers stranded, and losses from flight cancellations amounting to at least $3.3 million. The total damage from the attack was likely "tens of millions of dollars."

It is alleged that there had been "suspicious activity" on Aeroflot's IT infrastructure as far back as January, roughly half a year before the attack. Despite this warning sign, the carrier did not tighten up its security measures.

The attackers allegedly moved in through the same vulnerability and installed two dozen malware tools six months later. The report claims that Bakka Soft did not have two-factor authentication (2FA) in place at the time, allowing the attackers to establish persistence.

Bakka Soft has thus far declined to comment on whether its systems were breached, while the hacktivists involved, Silent Crow and Cyberpartisans, refused to disclose how they broke into Aeroflot's system.

The Bell's report cannot be independently verified at this time. It is worth noting that the publication was founded in 2017 by Russian journalists and has been designated by the Russian government as a "foreign agent."

This designation, which has also been applied to other organizations deemed undesirable by the state, carries significant consequences for The Bell. The group must mark all publications with a warning, file extra reports, face frequent inspections, and risk heavy fines.

**Catch the Price Drop: 30% Off Enterprise and Business Plans**

For those interested in securing their own networks against similar cyber threats, a special Black Friday offer is currently available. Customers can take advantage of 30% off Enterprise and Business plans for a 1- or 2-year subscription by using promo code BLACKB2B-30 at checkout.

**Cybersecurity Threats: A Growing Concern**

The Aeroflot hack serves as a stark reminder of the growing threat posed by cyberattacks. In recent years, high-profile incidents have disrupted operations and caused significant financial losses for organizations around the world.

As businesses continue to rely on technology to drive growth and efficiency, it is essential that they prioritize cybersecurity measures to protect against these increasingly sophisticated threats.

**Stay Ahead of Cyber Threats with TechRadar Pro**

To stay informed about the latest developments in cybersecurity and receive expert advice on how to protect your business from cyber threats, sign up for our newsletter. Our dedicated team will keep you up-to-date on all the top news, opinion, features, and guidance you need to succeed.