Airbus said on Friday (Sep 15) that it was investigating a hacking of data held on an IT account storing information on thousands of suppliers.
“Airbus has launched an investigation into a cyber event during which an IT account associated with an Airbus customer has been attacked,” the European aeronautics giant said.
“This account was used to download business documents dedicated to this customer from an Airbus web portal. Immediate remedial and follow-up measures were taken by our security teams to prevent our systems from being compromised,” the firm added.
The criminal, using the handle USDoD, recovered the contacts of 3,200 Airbus suppliers, including the likes of Thales and Rockwell Collins, according to the cybersecurity firm Hudson Rock.
The hacker was able to infiltrate the computer of a Turkish Airlines employee on August 21 and thereby get into the Airbus portal, Hudson Rock said.
Such cases “surged by an incredible 6,000 per cent since 2018, positioning them as the primary initial attack vector used by threat actors to infiltrate organisations and execute cyberattacks, including ransomware, data breaches, account overtakes, and corporate espionage,” the firm added.
The leak is nonetheless on a smaller scale than that which hit Airbus in 2019, when a series of attacks via several subcontractors primarily tried to get technical aeronautical certification documents. Those industrial espionage operations were suspected of being piloted from China.
“As a major high tech and industrial player, Airbus is also a target for malicious actors,” the company said.
“Airbus takes cybersecurity seriously and continuously monitors activities on its IT systems, has solid protection tools, skilled cyber experts and associated processes to protect the company by taking immediate and appropriate measures as and when needed.”