Airbus hacked through supplier VPNs

Aerospace giant Airbus has been hit by a series of cyberattacks by hackers who targeted VPNs used by its suppliers in an effort to steal sensitive company data.

Over the course of the last 12 months, the European company has been the target of four major attacks. Airbus is a particularly tempting target for hackers because of its cutting-edge technologies and the fact that it is one of the world’s largest commercial plane manufacturers as well as a military supplier.

The company admitted in January that it had suffered a security incident that “resulted in unauthorized access to data” but those familiar with the attacks revealed that Airbus was the focal point of a much larger operation carried out over the last year.

In an attempt to gain access to Airbus’ sensitive data, hackers targeted Rolls-Royce which manufacturers engines for the company, the French technology supplier Expleo and two other unnamed French contractors.

Supplier VPNs

The cyberattack against Expleo was discovered at the end of last year but an anonymous source revealed to AFP that the company’s systems had been compromised long before, saying: “It was very sophisticated and targeted the VPN which connected the company to Airbus”.

While a VPN can be used to protect your privacy online and hide your browsing activity from ISPs and governments, they are also used by company’s to give third-party suppliers remote access to their systems as was the case with Expleo, Rolls-Royce and the other contractors who were targeted in the attacks against Airbus.

According to several sources, the hackers went after Airbus’ suppliers in an attempt to obtain technical documents related to the certification process for different parts of the aerospace company’s aircraft. Additionally, several stolen documents were related to the engines of the Airbus A400M which is a military transport plane.

Those behind the attacks have yet to be identified but many suspect Chinese hackers were responsible as they have a track record of stealing sensitive company data. The state-sponsored hacking group APT10 as well as the Chinese hacker group JSSD could potentially be behind these attacks but no hard evidence has been discovered to link either group to the attacks.

  • Also check out the best VPN services of 2019

Via Computer Weekly

Have a comment? Type it below!