A massive computer sabotage operation has hit Russia’s flag carrier Aeroflot, the country’s largest airline and a symbol of Russian civil transport. Founded in 1923, Aeroflot is one of the oldest airlines in the world and is still a strategic asset for the Kremlin. The attack was claimed by the groups Silent Crow (Ukrainian) and the Belarusian Cyber Partisans, long known for coordinated actions in cyberspace in support of Ukrainian resistance and the fight against authoritarian regimes in the post-Soviet area.

According to BBC News, the attack had immediate consequences on dozens of domestic and international flights, generating chaos at Moscow airports. ABC News Australia also pointed out that the operation hit a symbol of Russian domestic mobility hard, with strategic and propaganda repercussions.

A year of preparation for a total collapse

The attack, according to reports by the groups responsible on Telegram and confirmed by several OSINT sources, had been planned for over a year and led to the destruction of some 7,000 servers, with up to 20 terabytes of sensitive data being stolen. The collapse affected the airline’s entire IT infrastructure, paralysing its operations and generating cancellations and delays at dozens of airports, especially in the capital Moscow.

Inside sources also report that the attack allegedly involved critical systems such as flight histories, corporate e-mails, internal surveillance tools, and remote access. The cyberactivists also threatened to publish the personal data of all Russian citizens who had ever flown with Aeroflot.

Obsolete systems and poor IT hygiene

What made the attack possible, according to the cyber-partisans, was a combination of negligence and technological obsolescence: the CEO had not changed his password since 2022 and the company was still using Windows XP and Windows Server 2003. Employees would also have systematically ignored the most basic computer security rules, making the infiltration only ‘a matter of time’.

Who Silent Crow and the Belarusian Cyber Partisans are

Silent Crow is a pro-Ukrainian hacktivist group that has appeared in recent years in the context of the hybrid war against Russia. It acts mainly through computer sabotage campaigns aimed at hitting critical infrastructures, state services and symbolic targets. The group operates in the form of a collective, with a strong patriotic slant, and uses Telegram channels to claim its actions and spread political messages.

Belarusian Cyber Partisans, on the other hand, are a much more structured group that has been active since 2020, known for their actions against the authoritarian regime of Aleksandr Lukašenko. Over time, they have specialised in complex cyber operations that include digital sabotage, interception of communications and publication of sensitive data. They formed an informal alliance with Ukrainian groups after the Russian invasion of 2022, in the context of a common opposition to Moscow. The group calls itself a hacktivist collective for the liberation of Belarus, and has also been the subject of international investigations, as reported on their official website.

Both groups operate on the borderline between political activism, cyber warfare and sabotage, blurring the line between independent operations and possible links with state apparatuses.

Official confirmation and geopolitical implications

Official Russian sources, including the General Prosecutor’s Office of the Russian Federation, also confirmed the existence of a cyber attack on Aeroflot’s systems and opened a criminal investigation into the incident. The authorities spoke generically of a ‘malfunction’ of the information systems, but without providing technical details or a timeline for a full recovery.

Russian MP Anton Gorelkin said: ‘The war against our country is being fought on all fronts, including the digital one’. A statement that reflects the growing impact of cyber operations in the Russian-Ukrainian conflict.

Cyberspace and alliances in hybrid warfare

The attack on Aeroflot represents one of the cases where a cyberattack has an immediate and tangible impact on the civilian population, affecting thousands of passengers and compromising a symbolic infrastructure of the Russian state. Even more relevant is the transnational cooperation between hacktivist groups, such as the Silent Crow and the Cyber-Partisans of Belarus: a digital brotherhood between non-state actors united by a common enemy, acting outside traditional geopolitical and military borders.

The battle in cyberspace thus confirms itself as one of the key instruments of contemporary hybrid conflict, capable of destabilising real infrastructures through digital means, and redefining the very concept of war, alliance and sovereignty.