An investigation on the incident has been initiated
Airbus, a major aviation company, has
revealed a hacking incident that resulted in employees’ data theft. According to network security and ethical
hacking specialists from the International Institute of Cyber Security, the
company detected the incident in their systems and concluded that there was an
unauthorized access; however, the attackers did not manage to compromise the
Airbus commercial operations.
“The incident has been investigated by our
experts, who have taken the necessary steps to reinforce our security and
mitigate the potential impact, and we are also working to find the origin of
the attack”, Airbus mentioned.
The company admits that it is still unaware of
the real impact of the incident, so it is not possible to list the information
that the attackers have accessed to. “Our network
security team is conducting research to determine if the attackers were
looking for any specific data groups, so far we can only say that personal data
has been compromised during the incident, mainly the information of some of the
Airbus employees in Europe.”
European data protection legislation, known as GDPR,
requires companies to report these incidents to the authorities within the
first 72 hours after they’re discovered. The company claims that it has been
conducted in accordance with this legislation.
The way the attackers accessed Airbus systems
is still unknown, although some network security specialists believe that the
attack could begin with simple phishing techniques applied against the
company’s personnel. “Airbus has issued recommendations for employees to take
their precautions when working online,” says the company.
Some media handle the version that these attacks have a political motivation because of the exit of the United Kingdom of the European Union (Brexit). The company’s stance on the Brexit has generated concern and controversy, as Airbus has threatened to withdraw its operations from the European Union if the United Kingdom fails to achieve a satisfactory exit agreement. “Airbus could make detrimental decisions for the UK if the Brexit does not include a good deal,” said Tom Enders, CEO of the company.
Airbus UK generates around 15k jobs in the UK,
so the Brexit would impact directly on the Airbus plant in Wales, where more than
5k people work, as well as in Filton, England, where the company employs
another 3k British citizens. Enders believes that the British aerospace market
is at the edge of the precipice because of the uncertainty generated by the
lack of an agreement to leave the European Union.
Although these could politically motivated
attacks, it is a fact that aeronautical companies are an attractive target for
cybercriminals, especially because of the intellectual properties that protect
these companies.
For example, in 2014, the FBI accused three Chinese
citizens of hacking against Boeing and other military contractor companies; hackers
were trying to steal commercial secrets from the company’s planes.
Hackers remained within the Boeing network for
at least one year before being discovered, stealing blueprints from some
aircraft models, among other confidential information.
