MOSCOW, Russia (July 29, 2025) – A major cyberattack targeting Russia’s aviation infrastructure has caused the cancellation of more than 50 flights across the country, throwing domestic and international travel into disarray during the peak summer tourism season. Flagship carrier Aeroflot, along with Victory Airlines, Red Wings, Express Air, and Samara, were among those severely affected. Key international and domestic hubs, including Moscow’s Sheremetyevo, St. Petersburg’s Pulkovo, and Ekaterinburg’s Koltsovo airports, experienced widespread cancellations, delays, and operational paralysis.
The incident, which Russian authorities say stems from a coordinated cyber offensive, was claimed by the Ukrainian hacker group Silent Crow and Belarusian activist collective Cyber-Partisans. The attack highlights the growing cybersecurity vulnerabilities facing critical transportation infrastructure amid geopolitical tensions.
Sheremetyevo Airport: Ground Zero of the Disruption
Sheremetyevo International Airport (SVO), Aeroflot’s primary hub, bore the brunt of the attack. Cancellations began as early as 6:15 a.m., with inbound and outbound flights to key destinations such as Kazan, Samara, Minsk, and Yerevan abruptly halted. In total, over two dozen Aeroflot-operated flights were cancelled within a few hours, affecting more than 10,000 passengers.
According to Russia’s transport ministry, Aeroflot’s subsidiaries Rossiya and Pobeda were also impacted. Social media was flooded with images of frustrated passengers stranded in terminals with no access to digital services or updates on their flights.
The cyberattack reportedly compromised flight scheduling systems, check-in services, and baggage handling networks. Over 41 million bags were handled at SVO in H1 2025, and the sudden breakdown of digital systems caused major delays in baggage reclaim and delivery.
Widespread Impact: Pulkovo and Koltsovo Affected
The disruption extended beyond Moscow. Pulkovo Airport (LED) in St. Petersburg saw multiple flight cancellations and delays. Cancelled flights included services to Astrakhan, Batumi, Minsk, and Moscow, with affected airlines including Aeroflot, Red Wings, and Victory Airlines. Several flights remained “detained” with no clear departure times.
At Koltsovo International Airport (SVX) in Ekaterinburg, the situation was similarly dire. Arrivals and departures to and from Moscow, Kazan, and Samara were all affected, with Aeroflot and Red Wings suspending scheduled services on July 29.
Who Is Silent Crow?
The pro-Ukraine hacker group Silent Crow took credit for infiltrating Aeroflot’s internal systems. According to a statement posted on a dark web forum, the group claims to have accessed employee surveillance footage, audio recordings of internal calls, passenger data, and internal documents over a span of nearly one year. Some files are expected to be leaked in phases.
Belarusian group Cyber-Partisans, known for targeting government institutions supporting the Russia-Ukraine conflict, also reportedly coordinated efforts in disabling airline systems and exposing data vulnerabilities. The Russian Prosecutor’s Office confirmed that an investigation has been launched under cybersecurity and counter-terrorism protocols.
National and International Travel Disrupted
Although most affected flights were domestic, several international connections were also cancelled. Routes to Yerevan (Armenia), Tashkent (Uzbekistan), Minsk (Belarus), and Almaty (Kazakhstan) were suspended, severing vital connections between Russia and its regional allies. The Belarus Ministry of Transport confirmed flight cancellations to and from Moscow, further underscoring the geopolitical ramifications of the attack.
The timing could not have been worse for Russia’s travel industry. With peak summer holiday traffic, tourism revenues were expected to see a boost. Instead, thousands of travelers found themselves rerouted, delayed, or stranded entirely, with many international tourists expressing concerns over data privacy and travel safety in the region.
Aviation Experts Warn of Long-Term Repercussions
Russian cybersecurity experts and aviation analysts have warned that the attack could have long-term consequences for the aviation sector. Trust in digital systems—central to everything from ticketing to navigation—has been deeply shaken. While backup protocols helped resume partial operations, a full recovery could take weeks.
“This is not just a technical problem—it’s a geopolitical and reputational crisis,” said Dmitry Ivanov, a cybersecurity analyst based in Moscow. “Airlines will have to invest heavily in rebuilding their systems and restoring passenger trust.”
The Russian Federal Air Transport Agency has called for a multi-agency audit of airline cybersecurity frameworks and airport IT systems. Proposed actions include enhancing firewall protections, decentralized data storage, and integration of AI-based anomaly detection systems to counter future breaches.
Tourism Fallout: Economic and Brand Damage
Tourism agencies across Russia have reported a surge in cancellations and refund requests. Travelers from Europe, Central Asia, and the Middle East are hesitating to book future trips. Russia’s Federal Agency for Tourism acknowledged that the incident has “compromised confidence in aviation infrastructure,” particularly among international tourists.
The Association of Tour Operators of Russia (ATOR) has urged airlines to issue full refunds and offer rebooking options. Meanwhile, hotel operators near affected airports have been forced to accommodate stranded travelers, with occupancy rates temporarily spiking in cities like Moscow and St. Petersburg.
Cybersecurity in Aviation: A Global Wake-Up Call
This cyberattack follows similar incidents around the globe, including temporary shutdowns of airline systems in the U.S., India, and parts of Europe in the past 18 months. Industry insiders now call for urgent international cooperation to strengthen aviation cybersecurity.
The International Civil Aviation Organization (ICAO) has reiterated the need for member states to share intelligence, conduct stress tests, and implement advanced defense protocols across all digital systems in aviation.
Looking Ahead
As Russia scrambles to restore order in its airspace, the July 2025 cyberattack serves as a grim reminder that modern aviation’s biggest threat may no longer be mechanical failure or weather—but digital warfare.
With millions of passengers depending on smooth, secure air travel, the aviation sector must act swiftly to fortify its defenses, rebuild traveler confidence, and ensure that digital disruptions don’t become the norm in a highly interconnected global travel industry.
For more travel news like this, keep reading Global Travel Wire
