Wow, rendering their entire core business operation vulnerable to extortion from a DDoS attack that's capable of taking down a single API endpoint? Even if they have a major commercial WAF/CDN, the cost to take down Cloudflare is a lot lower than the revenue lost by an entire airline being unable to process boarding at all.
Fingers crossed the Russians figure this out and help remind these businesses why lacking paper alternatives is NOT a cost-saving measure. The group that can take down that API endpoint can pretty much name their price to Ryanair and the C-suite will effectively have a fiduciary duty to shareholders to pay it if there's truly zero alternative and that starts disrupting revenue indefinitely.
Fingers crossed the Russians figure this out and help remind these businesses why lacking paper alternatives is NOT a cost-saving measure. The group that can take down that API endpoint can pretty much name their price to Ryanair and the C-suite will effectively have a fiduciary duty to shareholders to pay it if there's truly zero alternative and that starts disrupting revenue indefinitely.