background.png

The Cyber Feed

Protection Beyond the Perimeter Starts Here.

Posts by Topic

see all

Get Updates from Us!

British Airways Flight to DDoS Lands with Cyber Turbulence

The 25th of April wasn’t a simple day for British Airways, flag carrier and largest airline of the United Kingdom.

ba_similarweb.jpg

On a regular day, the ba.com site is flooded with visitors, not only from the UK, but from prospects and customers worldwide.

But on 25th of April, the ba.com site was down for more than an hour; people couldn't book or check-in to flights, and neither Arrival nor Departures times were visible.

Instead, all that could be seen was  an alleged internal server error:

“an error occurred while processing your request”

But the damage hitting the airline seeped way past the computer and mobile screens of their customers: British Airways suffered a revenue loss of  £100,000, caused by a cyber attack that took their website down for (‘only’) an hour.

What Had Happened to the UK’s Legendary Airline Giant?

Between 16-26 of October 2014, somewhere around South Shields, UK NE33, 23-year-old Paul Dixon, is suspected to have disabled the BA.com website, along with those of the Durham Police, Police Scotland, and video game retailer, CeX.

Dixon was arrested by the North East Regional Special Operations Unit later on that month.

Dixon was charged with five counts of carrying out unauthorised acts which impaired access or operation to a computer.

Dixon faces a potential prison term of up to 10 years.

As declared by prosecutor Jim Hope, Dixon executed a DDoS attack, and successfully made the aforementioned websites unavailable to users. Other companies such as CeX are estimated to have lost between £400 and £500 in revenue.

This isn’t the first time that airline giant, typically known as “BA”, has suffered a DDoS attack. Their last hit was in March 2015.

To the airline’s dismay, fraudulent users had accessed customer accounts to reserve hotel bookings and access saved credit card details.

Dixon’s motives in pulling off a DDoS onto the ba.com site are pretty self-explanatory. While more details behind this specific DDoS are still unknown, questions to be asked have already unfolded;

How Can CISOs Defend Against DDoS?

SUBSCRIBE

download.jpg