In a recently published statement, Airbus claimed they detected a cyber intrusion on Airbus “Commercial Aircraft business” information systems, resulting in unauthorized access to data. The aerospace giant recognized the need to comply with the GDPR (General Data Protection Regulation) and disclosed the breach to regulators within 72-hours of discovering the incident.
The investigation is currently ongoing, but they have confirmed personal data belonging to some Airbus employees in Europe was accessed. The employee data accessed was mostly professional contact and IT identification details.
Airbus staffs over 130,000 individuals worldwide. All employees have been instructed to “take all necessary precautions going forward”, but there is currently no word on whether the intrusion was more serious in scope.
Airbus is the world’s leading manufacturer of commercial aircraft for carries, delivering over 800 planes to 93 customers in 2018 alone. Experts have noted this could make the IP of great value to attackers. Airbus insists the attack has had “no impact” on its commercial operations.
According to a recent Verizon study, 94% of unauthorized data access comes through compromised servers. Knowing your assets and securing configurations for servers and networks devices deployed in your IT infrastructure has never been more important. Using hardening guidance from trusted sources like the Center for Internet Security (CIS) Benchmarks can help eliminate these types of security risks.
NNT is one of a handful of CIS Certified Vendors, providing CIS guidance straight out-of-the-box and leveraging these resources in our products to improve our customers' security posture. Since 2014 our flagship solution Change Tracker Gen7 R2 has been awarded CIS Security Software Certification for CIS Security Benchmarks across all Linux and Windows platforms, Unix and Database Systems, Applications and Web Servers.