• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

Understanding the Need for Security in the Aerospace Industry

You are here: Home / General / Understanding the Need for Security in the Aerospace Industry

A recent report claims that aerospace giant Airbus – a major designer and manufacturer of commercial aircraft, helicopters, military transports, satellites and launch vehicles – has suffered at least four major cyberattacks in the last 12 months. The relentless attacks demonstrate the enormous potential for disruption and intrusion in the industry and highlights the need to truly value your data. aerospace industry

The world’s second-largest aerospace group and the company responsible for a large proportion of the world’s weapons manufacturing, Airbus has admitted that it is a target for malicious actors but has kept tight-lipped on any further details. In January, the company released a statement regarding a cyberattack that had led to “some personal data” being stolen, but reassured customers that the information stolen was simply the “professional contact and IT identification details of some Airbus employees in Europe”.

What we know now is that this attack was likely the tip of the iceberg, and part of a 12 month effort from hackers to pry open the company’s IT security in order to access technical documents and sensitive data.

The report confirmed that Airbus was recently attacked via four of its contractors, naming only British engine designer Rolls-Royce and French technology consultants Expleo as targets. Utilising vulnerabilities in the computer systems of Airbus’ global supplier network, the hackers gained access and appeared to be searching for information regarding engines, including those for the A400M military transport aircraft and the A350 airliner. The former is a £150 million engine currently used by French, German and Spanish Royal Air Forces. At this point, it is unclear whether the cyber-attack was successful, and the company itself has provided little information on the extent and nature of the attacks.

What is clear, however, is that aerospace companies are one of the many prime targets for hackers hoping to steal incredibly valuable data and technology, and they continue to be vulnerable through lax security measures and poor supply chain governance.

Joining The Group

Last year, American prosecutors listed 13 unnamed aerospace companies across America, UK, Australia and France as targets in a sophisticated cyber-attack. In the previous year, hackers stole sensitive data regarding Australia’s $14 billion Joint Strike Fighter program and the next fleet of spy planes and naval warships from a Defence subcontractor, reportedly using a common tool known as a “China Chopper”.

Airbus’ American rival Boeing was a victim of the infamous WannaCry attack in 2018, and in June this year the Belgium-based aircraft manufacturer ASCO Industries was crippled by a ransomware attack that took a month to remove and restore. Additionally, it was revealed recently that a UN standards body known as ICAO also had its networked breached in November 2016, compromising the entire IT system and leading to subsequent attacks among member states.

Cathay Pacific made headlines in 2018 when it admitted to facing an intense 3 month cyber-attack that compromised the data of 9.4 million customers, resulting in the leaking of customer names, dates of birth, nationalities, email, addresses, phone numbers, passport numbers, identity cards and historical travel information. Just months prior, British Airways apologised to customers after hackers stole details of around 380,000 card payments through vulnerabilities in the company’s website and app.

Lessons To Be Learned

These attacks are a small yet harrowing reminder that the information held within the aerospace industry is remarkably valuable, ranging from personal information and military secrets to technological data. Because of the variety of data available, the malicious intentions of attackers will vary widely, as will their source, often making their detection and attribution intensely difficult.

Considering the sheer number of threat actors in this industry alone, it is vital to ensure your company is secure by design from the top to the bottom. From IT systems through to supply network security, the aerospace industry must be able to defend against a variety of sophisticated attacks by using effective governance and security planning. Industry stakeholders often turn to ISO standards such as the ISO/IEC 27001:2013 and the IEC 62443 series of standards. In the end, it takes attention to detail and a holistic approach to security in order to develop effective measures in the aerospace industry. Elements such as stakeholder input, standards implementation and guided integration of security measures make all the difference in the process.

Contact Agilient today to see how we can enhance your security and add value to your business.

Author: Elsa Chapple, Agilient Consultant

Tweet
Share

General,  Security News aerospace,  aerospace industry,  Airbus,  cybersecurity,  supply chain

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692