2 min read

SAS Airlines hit by $3 million ransom demand following DDoS attacks


May 31, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
SAS Airlines hit by $3 million ransom demand following DDoS attacks

Scandinavian Airlines (SAS) has received a US $3 million ransom demand following a prolonged campaign of distributed denial-of-service (DDoS) attacks against its online services.

As Cybernews reports, the Anonymous Sudan hacktivist group published their financial demand on its Telegram channel after disrupting the airline's website and smartphone app.

In a post on its encrypted channel, Anonymous Sudan said it was increasing its ransom demand to US $3 million, and that the airline should "expect this to keep increasing more and more."

That's certainly considerably more than the hacktivists had originally demanded - when they initially launched their DDoS campaign they requested a paltry US $3500 ransom.

Bizarrely, Anonymous Sudan did not give any political reason for its latest attack against the airline - instead suggesting that it was a response to poor customer service:

"We are here to teach you a lesson of caring about your customers, we will continue attacking you and increase the intensity more, as we said before this doesn't make a difference for us, we simply attack and you get harmed."

It's certainly true that travellers dealing with SAS are experiencing poor customer service - at least when it comes to accessing the airline's website or using the SAS mobile app.

Frustrated customers have turned to social media to complain about SAS's website being offline or its app not working.

SAS has been in the firing line from Anonymous Sudan since February, when its website and smartphone were first knocked offline and customer data was exposed.

Although the attackers have chosen to use the name "Anonymous Sudan," it should be noted that it's very possible that they do not in fact hail from Sudan. Some have speculated that the campaign may instead be linked to Russia.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like