KnowBe4 Security Awareness Training Blog

Chinese Hackers Target Airbus Suppliers in Quest for Commercial Secrets

Written by Stu Sjouwerman | Sep 27, 2019 3:35:20 PM

European aerospace giant Airbus has been hit by a series of attacks by hackers targeting its suppliers in search of commercial secrets, sources told AFP, adding they suspected a Chinese link.

AFP spoke to seven security and industry sources, all of whom confirmed a spate of attacks in the past 12 months but asked for anonymity because of the sensitive nature of the information they were sharing.

Two security sources involved in investigating the hacking said there had been four major attacks. AFP's sources said the hackers targeted British engine-maker Rolls-Royce and the French technology consultancy and supplier Expleo, as well as two other French contractors working for Airbus that AFP was unable to identify.

Romain Bottan of the aerospace security specialist BoostAerospace said that hackers were always looking for weak links. "Very large companies are very well protected, it's hard to pirate them, so smaller companies are a better target," he said.

VPN Entry Point

The attack against Expleo was discovered at the end of last year but the group's system had been compromised long before, one of the sources told AFP on condition of anonymity. "It was very sophisticated and targeted the VPN which connected the company to Airbus," the source said.

According to several of the sources, the hackers appeared to be interested in technical documents linked to the certification process for different parts of Airbus aircraft.

They also said that several stolen documents were related to the innovative turbo-prop engines used on the Airbus military transport plane A400M. One of the sources said the hackers were also interested in the propulsion systems for the Airbus A350 passenger jet, as well as its avionics systems controlling the plane.

Achilles' Heel

The attacks show up the vulnerability of Airbus to intrusions via its global supplier network, and the value of its technology to foreign countries.

"The aerospace sector is the one that suffers most from cyberattacks, mostly through spying or people seeking to make money from this industry," said Bottan of BoostAerospace.

There is also a major industrial risk for Airbus, with hackers potentially able to knock out production for strategic suppliers which would have a knock-on effect on production.

"If someone wanted to slow down production, they can quickly identify the critical supplier, the single sources, which are unique in their role," one expert said.

Belgian aerospace design and manufacturing firm ASCO had an IT meltdown earlier this year caused by malware, and it took a month to restore its systems, one source said. That incident affected Airbus production. SecurityWeek has the whole story:

https://www.securityweek.com/hackers-target-airbus-suppliers-quest-commercial-secrets