The LockBit ransomware group has claimed responsibility for the Queretaro Intercontinental Airport cyberattack. According to the dark web portal of LockBit, they will publish all the exfiltrated data from the cyberattack after the deadline of 27 November 2023.
The Queretaro Intercontinental Airport (AIQ) handles national and international flying and is located in the municipalities of Colon and El Marques, Queretaro.
Queretaro Intercontinental Airport Cyberattack
Threat Intelligence firm Falcon Feeds tweeted the screenshot below from LockBit’s dark web portal.
The alleged AIQ ransomware attack was also tweeted by another cybersecurity platform Better Cyber with the following screenshot:
The screenshot displayed blurred samples of data allegedly exfiltrated during the AIQ ransomware attack. The Queretaro Intercontinental Airport cyberattack claims remained unverified at the time of writing.
The Cyber Express emailed the officials asking about the AIQ cyberattack or a possible cybersecurity incident. We will update this report after receiving a response.
The website of the airport was accessible after the alleged AIQ cyberattack.
About LockBit Ransomware Group
They operate an affiliate model which allows them to have other members use their malware and increase their number of targets.
In one instance, the cybercriminal group named 60 organizations as victims of ransomware.
The ransomware group has been found advertising open positions for developers on its dark web portal.
Addressing how to disable ransomware attacks, a report by The Guardian read that it is difficult. What is within reach is stopping the ransomware attack from taking place by keeping detection and prevention tools in place.
This could be for phishing detection which often contains malware-infected decoys in PDF or other formats.
Although the payment of a ransom in the UK, the US, and most other parts of the world is not unlawful, the law discourages the payment of a ransom because it encourages further attacks. Moreso, ransom payment does not determine if they will stop after being paid once.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.