ragnarlocker attacks Huge drama for Tap Air Portugal

Incident Date:

August 31, 2022

World map

Overview

Title

ragnarlocker attacks Huge drama for Tap Air Portugal

Victim

Huge drama for Tap Air Portugal

Attacker

Ragnarlocker

Location

Jamaica, USA

New York, USA

First Reported

August 31, 2022

Ragnarlocker Ransomware Attack on TAP Air Portugal

Company Overview

TAP Air Portugal is a leading airline that offers flights to various destinations worldwide. The company's website provides information on flight bookings, destinations, and travel tips. TAP Miles&Go, the airline's loyalty program, offers exclusive offers, advantages with partners, and a club that provides additional miles and benefits.

Attack Details

Ragnarlocker, a ransomware group, has claimed responsibility for an attack on TAP Air Portugal, a transportation company, through their dark web leak site. The group is known for its ransomware attacks, which involve encrypting data and demanding ransom money in exchange for the decryption key. The group has been active in the dark web, targeting various organizations and individuals.

Vulnerabilities and Mitigation

Ransomware attacks can exploit various vulnerabilities, such as phishing emails, software vulnerabilities, and the Remote Desktop Protocol. To mitigate the risk of ransomware attacks, organizations should prioritize patching newly disclosed vulnerabilities, understand the adversary's techniques, and develop robust cybersecurity measures.

The ransomware attack on TAP Air Portugal by Ragnarlocker highlights the ongoing threat of cybercriminals targeting organizations in the transportation sector. Companies must remain vigilant and implement robust cybersecurity measures to protect against such attacks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.