domenica 17 febbraio 2019

Airbus under attack! Industrial espionage by way of Supply Chain Attack?


First of all, let’s start with the facts,
January the 30th 2019: Airbus issues a press release announcing that the commercial sector of the company has come under cyber attack. It was a non authorized access to company data. Airbus reassures there won’t be any economic impact on the company operations.
Airbus, let us remember, is an European society with its headquarters in the Netherlands, active in the field of aircraft production and Space and Defense research. One of its activities is the cyber defense both for internal use and for its customers.
The press release continues saying that the attack is under analysis and Airbus's experts have already undertaken a number of necessary actions in order to strengthen the security measures,mitigate the impact of the attack and of course, to identify the source of the attack.
The press release ends with saying that the authorities, included Data Protection sector, have already been informed of the attack and reassuring that Airbus employees have been solicited to take the necessary precautions in order to continue their activities.
After a few days the press is already on the case.
On the 4th of February the newspaper “Challenges” reports that according to statements coming from public sources and other sources close to the company, the “modus operandi” used by the attackers is similar to the one used by a group of Chinese cyber group. It looks like the scope of the attack was to hijack technical documents relating aircraft certifications. The attack scheme is in fact similar to the APT 10 , or even more sophisticated.
It looks like the attack started in December was aimed to affect an Airbus supplier, and then move to the real objective. This theory is based on clues and it will be difficult to prove it.
Let’s notice that the company trend in the stock exchange wasn’t apparently affected by this attack.
Anyways, what happened shows how dangerous can a supply chain attack be, especially if aimed to strike a third party, usually a supplier of the main objective, with little or no cyber defense capabilities.
ALESSANDRO RUGOLO
(english translation by Francesco Rugolo)
Pictures :  https://www.airbus.com/
To know more about the topic:
- https://www.airbus.com/newsroom/press-releases/en/2019/01/airbus-statement-on-cyber-incident.html;
- https://www.challenges.fr/entreprise/transports/cyberattaque-contre-airbus-la-piste-chinoise-avancee_640396;
- https://www.mirror.co.uk/travel/news/breaking-airbus-cyber-attack-believed-13955680;
- https://www.fireeye.com/current-threats/apt-groups.html#apt10;
- https://www.cshub.com/attacks/articles/incident-of-the-week-airbus-reports-employee-data-hack;
- https://www.csoonline.com/article/3191947/data-breach/what-is-a-supply-chain-attack-why-you-should-be-wary-of-third-party-providers.html

Nessun commento:

Posta un commento