A recent report claims that aerospace giant Airbus – a major designer and manufacturer of commercial aircraft, helicopters, military transports, satellites and launch vehicles – has suffered at least four major cyberattacks in the last 12 months. The relentless attacks demonstrate the enormous potential for disruption and intrusion in the industry and highlights the need to truly value your data.
The world’s second-largest aerospace group and the company responsible for a large proportion of the world’s weapons manufacturing, Airbus has admitted that it is a target for malicious actors but has kept tight-lipped on any further details. In January, the company released a statement regarding a cyberattack that had led to “some personal data” being stolen, but reassured customers that the information stolen was simply the “professional contact and IT identification details of some Airbus employees in Europe”.
What we know now is that this attack was likely the tip of the iceberg, and part of a 12 month effort from hackers to pry open the company’s IT security in order to access technical documents and sensitive data.
The report confirmed that Airbus was recently attacked via four of its contractors, naming only British engine designer Rolls-Royce and French technology consultants Expleo as targets. Utilising vulnerabilities in the computer systems of Airbus’ global supplier network, the hackers gained access and appeared to be searching for information regarding engines, including those for the A400M military transport aircraft and the A350 airliner. The former is a £150 million engine currently used by French, German and Spanish Royal Air Forces. At this point, it is unclear whether the cyber-attack was successful, and the company itself has provided little information on the extent and nature of the attacks.
What is clear, however, is that aerospace companies are one of the many prime targets for hackers hoping to steal incredibly valuable data and technology, and they continue to be vulnerable through lax security measures and poor supply chain governance.
Joining The Group
Last year, American prosecutors listed 13 unnamed aerospace companies across America, UK, Australia and France as targets in a sophisticated cyber-attack. In the previous year, hackers stole sensitive data regarding Australia’s $14 billion Joint Strike Fighter program and the next fleet of spy planes and naval warships from a Defence subcontractor, reportedly using a common tool known as a “China Chopper”.
Airbus’ American rival Boeing was a victim of the infamous WannaCry attack in 2018, and in June this year the Belgium-based aircraft manufacturer ASCO Industries was crippled by a ransomware attack that took a month to remove and restore. Additionally, it was revealed recently that a UN standards body known as ICAO also had its networked breached in November 2016, compromising the entire IT system and leading to subsequent attacks among member states.
Cathay Pacific made headlines in 2018 when it admitted to facing an intense 3 month cyber-attack that compromised the data of 9.4 million customers, resulting in the leaking of customer names, dates of birth, nationalities, email, addresses, phone numbers, passport numbers, identity cards and historical travel information. Just months prior, British Airways apologised to customers after hackers stole details of around 380,000 card payments through vulnerabilities in the company’s website and app.
Lessons To Be Learned
These attacks are a small yet harrowing reminder that the information held within the aerospace industry is remarkably valuable, ranging from personal information and military secrets to technological data. Because of the variety of data available, the malicious intentions of attackers will vary widely, as will their source, often making their detection and attribution intensely difficult.
Considering the sheer number of threat actors in this industry alone, it is vital to ensure your company is secure by design from the top to the bottom. From IT systems through to supply network security, the aerospace industry must be able to defend against a variety of sophisticated attacks by using effective governance and security planning. Industry stakeholders often turn to ISO standards such as the ISO/IEC 27001:2013 and the IEC 62443 series of standards. In the end, it takes attention to detail and a holistic approach to security in order to develop effective measures in the aerospace industry. Elements such as stakeholder input, standards implementation and guided integration of security measures make all the difference in the process.
Contact Agilient today to see how we can enhance your security and add value to your business.
Author: Elsa Chapple, Agilient Consultant