Krasnoyarsk Regional Airlines, KrasAvia, confirmed on September 19, 2025, that a cyberattack had severely disrupted its online ticketing and internal operational systems.
Passengers attempting to book flights through the airline’s website are now unable to complete transactions, while flight planning and assignments have shifted to manual procedures.
The airline’s press service informed NGS24.RU that all available measures are being taken to mitigate the impact and restore normal operations.
Manual Flight Management and Ticketing Disruptions
According to KrasAvia’s statement to NGS24.RU, “We are currently doing everything possible to avoid and minimize the consequences.
All flights have been switched to manual flight and flight management. Unfortunately, tickets are no longer available online.
People are contacting us, and we are redirecting them to offline agencies.” With its digital infrastructure out of service, the airline is coordinating with regional ticket offices to handle reservation requests and ensure passengers can still travel.
Ground staff have reportedly increased staffing levels at key locations to accommodate the surge in in-person inquiries.
As of this afternoon, the KrasAvia website remains unavailable, and no definitive timeline for its restoration has been provided.
A company insider, speaking on condition of anonymity, told NGS24.RU that updates will be posted on KrasAvia’s official communications channels once more information becomes available. “If we have any information, we’ll post it on our resources.
The situation is truly tense right now,” the source added, underscoring the urgency of the incident.
Indicators of External Intrusion
Cybersecurity watchers on the Borus Telegram channel first reported the outage, suggesting that KrasAvia’s homepage had been targeted by malicious actors.
A screenshot shared by Borus showed an error screen in place of the airline’s usual portal, though the image has since been removed.
While KrasAvia has declined to confirm the specific nature of the breach, the airline has launched an internal investigation to determine the attack vector and assess potential data compromise.
This incident mirrors a high-profile cyberattack earlier this summer against Aeroflot, Russia’s largest carrier, which saw critical operational systems disabled and passenger data briefly inaccessible.
KrasAvia noted that “the malfunctions were caused by a situation similar to the one Aeroflot faced,” hinting at possible common vulnerabilities in airline IT infrastructures.
Ongoing Investigation and Passenger Guidance
KrasAvia’s cybersecurity and IT teams are collaborating with external experts to trace the origin of the attack, contain any lingering threats, and securely restore systems.
The airline has assured customers that no flight schedules will be canceled, though passengers should expect longer processing times and may face delays in ticket issuance.
Travelers planning to fly with KrasAvia are advised to contact regional ticket offices directly or visit local travel agencies affiliated with the carrier.
Customer support hotlines remain active for inquiries regarding existing reservations, schedule changes, and potential rebookings.
The press service emphasized its commitment to transparency and will issue further bulletins as investigations progress and systems are brought back online.
In the wake of this disruption, Russian airlines are likely to re-evaluate their cybersecurity defenses and contingency protocols to prevent similar incidents in the future.
For now, KrasAvia’s priority is restoring digital services and ensuring passenger travel continues with minimal hindrance.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates
%20(1).webp?resize=1600,900&ssl=1&description=The airline’s press service informed NGS24.RU that all available measures are being taken to mitigate the impact and restore normal operations.){kind=link}