According to a 26 September AFP report Airbus was once again the victim of a nation-state cyber-attack. Referring to security sources, the news agency reported that a group of state-sponsored hackers were linked to attacks on key vendors to steal their secured data.
These attacks appear to be part of an ongoing campaign that has had four successes in the past year against Airbus’ main suppliers. Personnel data and intellectual property associated with the company’s military and passenger aircraft are under threat. This is probably large-scale industrial espionage, as China is fighting for technological advancement.
The report mentioned that Rolls-Royce and Expleo as confirmed targets as well as two other French contractors that AFP has failed to identify. Neither party has yet made detailed statements on the reports.
One of the most worrying elements of this new report is the conclusion that a virtual private network linking suppliers to Airbus could have been the starting point for the attack. The aim of such a system is to keep traffic away from open networks and eliminate any possibility of compromise. The fact that the backup failed so dramatically when it occurred would be a shock to the system.
The hackers seem to be targeting the technical details of the military A400M and the passenger A350. The hacked information clearly provides enough data to copy the innovation, but will also allow a potential adversary to identify security vulnerabilities. This is more worrying in the case of a military aircraft than in the case of a passenger plane in the hands of a nation state like China.
The Chinese APT10 has been identified as a suspect in some reports. This is the same group that has been suspected to be behind several recent attacks on US utilities and cell networks. Although the methods used in the cyberattacks were similar to those used by APT10 no one can yet prove that they are the culprit so far. The group is known for its long-term and ongoing threat campaigns that collect information for the long term. The Cyberattacks against Airbus and its suppliers are believed to have been going for quiet sometimes already.
This news will revive the specter of supply chain risk in China and reveal whether it is safe to use Chinese technology in basic industries, critical infrastructure, and even the military itself – an audit by the U.S. Department of Defense a few weeks ago revealed that the purchase of Chinese technical equipment is still taking place.
According to Bloomberg, Airbus stated that it had taken steps to protect itself against cyber-attacks that affect both the company and its subcontractors.