HelpRansomware has examined the ransomware attack which hit AirAsia.
The company, a leader in ransomware removal, cybersecurity, and decryption, has studied the events of mid-November and how they affected the airline’s online reputation.
Immediate Ransomware Help
Don’t let ransomware hold your business hostage. Our experts are ready to recover your data and secure your systems.
AirAsia ransomware attack
According to the website DataBreaches which reports data breaches globally, a ransomware attack targeted five million passengers and all AirAsia employees.
Some of the confidential information breached were:
- Passenger IDs and reservations;
- Passengers’ names and surnames;
- Employee pictures;
- Secret questions and answers for password recovery;
- Nationality, date, country of birth, and date of passengers’ purchase.
Attackers published such data on the Dark Web.
About AirAsia
AirAsia is Malaysia’s largest airline by fleet size and destinations.
Its headquarters are located near Kuala Lumpur, and it regularly operates domestic and international flights.
A ransomware attack hit it in November, similar to the one that affected Tap Air Portugal last August.
Daixin Team behind the ransomware attack
Daixin Team, a group that recently increased its criminal activity, perpetrated this ransomware attack.
Daixin Team has been active since June 2022 but has only focused on spreading ransomware in the healthcare sector.
The hackers handed AirAsia two .csv files as proof of the data theft.
According to DataBreaches, the airline asked hackers for the amount that would have prevented the release of confidential data.
By publishing this data on the Dark Web, the criminal organization encourages attackers to use phishing techniques or obtain a driver’s license with a fake photo.
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) released an alert about Daixin Team.
This paper, issued in October 2022, warned of its dangers and method of operation:
‘Daixin Team is a cybercrime group that is actively targeting U.S. businesses, predominantly in the Healthcare sector with ransomware and data extortion operations.’
Whether the airline paid the ransom for the decryption key and data removal is unknown.
HelpRansomware, a leader in ransomware removal, cybersecurity, and decryption, always recommends against paying the ransom to hackers. Giving in to blackmail does not ensure recover encrypted files and contributes to cybercrime.
Expert Ransomware Removal
Our certified professionals have over 25 years of experience in ransomware removal, data recovery, and computer security.
AirAsia announcement
AirAsia took to the stock exchange company’s website Bursa Malaysia to minimize the impact of the news:
‘The company wishes to clarify that the cyber-attack was on redundant systems and did not affect our critical systems. The company has taken all measures to immediately resolve this data incident and prevent future incidents.’
AirAsia: the analysis
HelpRansomware, a leading ransomware decryption company, analyzes how this criminal act has affected AirAsia’s online reputation.
The study is divided into the following:
- Sentiment;
- Positivity and negativity;
- Emotions;
- Geographical distribution;
HelpRansomware considers November as the analysis period.
The sentiment
The sentiment computes the percentage of positive or negative feelings generated by users on social media.
Positive sentiment is 28.2%, and negative sentiment is 6.4%.
Furthermore, the corporation has a net sentiment of 63.2%.
The net percentage is measured on a scale of -100 to 100.
Despite the ransomware’s reputational damage, sentiment results are good.
Emotions
HelpRansomware has investigated the emotions generated by the airline.
The RepUP Monitoring Tool, a software patented by ReputationUP, divides feelings as follows:
- Happiness;
- Sadness;
- Fear;
- Anger;
- Surprise.
Happiness is the predominant emotion, with 36.7%, followed by anger (35.6%), sadness (14.4%), and fear (13.3%).
Geographical distribution
The results (online interactions, such as mentions, likes, comments, videos, etc.) come from Russia, India, and Central Europe.
Conclusions
HelpRansomware has analyzed the ransomware attack on AirAsia and how the incident has affected the airline’s online reputation.
You can draw the following conclusions from this case study:
- The attack affected five million passengers and all airline employees;
- Data such as names or pictures were leaked to the Dark Web;
- Daixin Team is the group behind the ransomware attack;
- The company released a statement to minimize the impact of the attack;
- The company’s positive sentiment is 28.2%, and the negative sentiment is 6.4%;
- Happiness is the predominant emotion of users toward AirAsia;
- Russian and Indian users interacted the most with the airline.
As you may deduct from the case study results, the ransomware attack has not affected the sentiment toward AirAsia.
The company’s good online reputation has protected it from the digital crisis caused by ransomware.
This type of malware does not affect reputation; data encryption and ransom payment is the primary goal.
If you are a ransomware victim, contact HelpRansomware, a leading company specializing in ransomware removal and file decryption.
