EUROPEAN AEROSPACE OUTFIT Airbus has been hit by a new series of cyber attacks targeting the company's suppliers.
Citing security sources, a report by AFP claims that four major attacks on Airbus have been detected over the past 12 months, possibly carried out by a Chinese state-sponsored hacking group.
Earlier in January, Airbus disclosed that it had detected a "cyber incident" in its Commercial Aircraft business's IT systems, which resulted in unauthorised access to data.
However, the current cyber operation appears to be much bigger in scale than that attack, AFP sources said.
The sources revealed that in the past 12 months, attacks have been carried out against French tech supplier Expleo, British engine-maker Rolls-Royce and two other French firms, apparently trying to locate weak links in the Airbus supply chain with the eventual aim of infiltrating the aerospace company's networks.
One source told AFP that the attack against Expleo was uncovered at the end of 2018, although attackers had compromised Expleo's computer systems long before through the VPN that company's employees use to connect to Airbus.
Attackers used the same tactics to target Rolls-Royce as well as Assystem, a British subsidiary of Expleo.
It appears that attackers' primary aim was to steal intellectual property related to the certification process for various parts of Airbus aircrafts as well as technical information related to the engines of the military transport aircraft A400M and A350 airliner.
The AFP report did not say whether the cyberattacks against Airbus suppliers actually led to data breaches or affected Airbus operations.
In a court filing last year, US prosecutors alleged that Chinese hackers and intelligence agencies stole technical secrets about a jet engine from an unnamed private company. The description of that unnamed company in the court documents matches CFM, a joint venture of General Electric and Safran, which supplies aircraft components to Airbus.
China's APT10 has been named as a likely suspect in some reports. This is the same group suspected of recent cyberattacks on several utility companies and mobile carriers in the US.
However, China has repeatedly denied the involvement of its agencies in hacking operations against foreign companies.
An Airbus spokesman said the company was aware of cyber campaigns being carried out by hackers in an effort to compromise the company's systems. They added that the IT security teams of the company have been continuously monitoring such threats and taking all necessary steps to protect the systems. µ
Watch your back, Huawei
Porn-based prattery gets fisted
As long as it follows the rules
The Home in the home could be a legal minefield