Cyber Incident Victim: TAAG Angola Airlines
Date:
Sep 2024
Location:
Angola
Summary
A cyberattack targeted Angolan airline TAAG, causing disruptions to some on-premises servers but leaving flight operations unaffected. The company confirmed all scheduled flights continued normally while maintaining compliance with national and international aviation safety regulations. Internal services experienced partial outages, prompting activation of contingency measures. The airline's IT department is working to restore affected systems and has notified relevant authorities of the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 16, 2024, Angolan national airline TAAG experienced a cyberattack targeting its local server infrastructure. The incident caused disruptions to unspecified internal services described as "on-opremisses" (likely a transcription error for "on-premises") systems, though the company confirmed its core flight operations remained unaffected. TAAG issued a public statement on September 17 clarifying that all scheduled flights continued operating without interruption and that the airline maintained compliance with national and international aviation safety regulations, specifically citing authorization from ANAC, IATA, and ICAO. The attack did not compromise operational safety protocols or flight scheduling capabilities. No details regarding the attack vector, threat actor, or data impact were disclosed in the initial communication.
TAAG activated a pre-established contingency plan immediately following the attack to manage service disruptions. The company's information technology department prioritized restoring affected internal services while maintaining normal flight operations. TAAG formally reported the incident to unspecified competent authorities but did not identify which agencies were notified. Management emphasized ongoing efforts to implement corrective measures to fully normalize internal systems, though no timeline for complete recovery was provided. The airline reiterated its focus on maintaining operational continuity while addressing the technical consequences of the attack through coordinated internal response efforts.