News / SpiceJet's woes continue as ransomware attack delays flights

Indian low-cost and freighter airline SpiceJet – already caught up in several challenges – has become the latest casualty of a cyber attack.

Reports said the cyber attack was detected last night, which threw this morning’s flight schedules across the country out of whack.

“Certain SpiceJet systems faced an attempted ransomware attack last night that has impacted our flight operations,” a spokesperson for the airline said, when contacted by The Loadstar.

“While our IT team has, to a large extent, contained and rectified the situation, this has had a cascading effect on our flights, leading to delays.

“Some flights to airports where there are restrictions on night operations have been cancelled.  SpiceJet is in touch with experts and cybercrime authorities on the issue.”

SpiceJet’s freight arm, SpiceXpress, operates four 737 freighters on intra-Asian services and all four appear to have been delayed today by between one and three hours, according to flight tracking services.

SpiceJet carried 39,000 tons of cargo in Q3 (October-December) and any disruptions will have an obvious knock-on effect on cargo flow as the economy gains speed.

While no one was available to react to the cargo delays, passengers are speaking out: “Operating normally? We have been stuck here for three and three-quarter hours. Neither cancelling nor operating…” one angry passenger tweeted this morning.

Another said: “Extremely poor customer service by Spicejet. The staff has no clue and the poor excuse is ‘server down’, so cannot take printouts.”

The Ajay Singh-led airline, once touted as the country’s second-largest operator, has often fallen into the crosshairs of Indian aviation authorities for service shortcomings in recent weeks.  The Directorate General of Civil Aviation (DGCA) this month grounded a SpiceJet aircraft that had developed a snag shortly after taking off from Chennai for Durgapur (West Bengal).

In addition, the Airport Authority of India (AAI), which administers airports across the country, put SpiceJet into “cash and carry” mode in 2020, following its inability to clear up airport dues.

However, SpiceJet was able to avert the consequences of Indian court rulings over its failure to settle dues owed to maintenance company SR Technics.

“SpiceJet had already provided a bank guarantee of $5m on the direction of the Madras High Court and there is no adverse financial liability on the company,” the carrier said. “The settlement involves payment of certain amount upfront and balance amount over a mutually agreed timeline.

“The settlement with Credit Suisse follows SpiceJet’s successful settlements and performances therein with De Havilland Aircraft of Canada, Boeing, CDB Aviation, BOC Aviation and Avolon and provides an impetus to normalisation, growth and expansion of the airline,” it added.

SpiceJet also ended the third fiscal quarter (October-December) on a somewhat positive note, reporting a net profit of Rs232.8m ($3m), versus a loss of Rs570m year on year, on gross income that soared 43% to Rs26.8bn. SpiceXpress handled over 39,000 tons of cargo in Q3, while the airline added 40 new routes during the three-month period.

The Q4 performance announcement, expected soon, should indicate if the demand spike for air capacity in recent months helped the private airline mop up some extra cash to make its balance sheet healthier.

The need for transport industry stakeholders to pay greater attention to cyber security has increased enormously in the wake of growing cyberattack incidents.  Most recently, global logistics giant Expeditors International had to shut down most of its network systems due to a major outage.

You can contact the writer at [email protected]