Security sources have found that the European aerospace giant Airbus has been hit by a series of cyberattacks by hackers who targeted the company's suppliers in search of technical secrets, with suspicions the attack is linked to China. 

Two security sources involved in the investigation claim there have been four major attacks on Airbus within the last 12 months. The company has long been considered an attractive target to cybercriminals because of its cutting edge technologies and work as a strategic military supplier. 

The group admitted in January to a security incident that had resulted in unauthorized access to company data but has just recently been targeted through its suppliers - a sign that hackers are sniffing our weaknesses in the supply chain. 

Cybercriminals targeted Rolls-Royce, French technology supplier Expleo, and two other French contractors working for Airbus that AFP could not identify. Airbus and Rolls-Royce did not reply to AFP's request for comment and Expleo would neither confirm nor deny that it had been the target of a cyber attack. 

An anonymous source told AFP that the attack against Expleo was spotted at the end of 2018, but the group's system had been compromised well before then. "It was very sophisticated and targeted the VPN which connected the company to Airbus," the source said. 

Airbus suppliers sometimes operate in a VPN linking them with colleagues at the plane-maker.

The other cyber attacks used the same methods, with the first incident detected at a British subsidiary of Expleo, formerly known as Assystem, as well as Rolls-Royce, which supplies engines for Airbus planes.

Sources claim the hackers have shown interest in technical documents linked to the certification process for different parts of the Airbus aircraft. Documents have been compromised related to the engines of the Airbus military transport place A400M. This particular aircraft has some of the most powerful propeller engines in the world. 

Hackers have also shown interest in the propulsion systems for the Airbus A350 passenger jet and its avionics systems that control the plane. 

No sources were able to identify the perpetrators of the attacks since hackers are known to use tools to disguise their tracks or leave clues meant to throw the investigation off course and blame someone else. That being said, it's suspected Chinese hackers are responsible, given their history of stealing sensitive commercial information. 

Several sources believe a group of hackers linked to the Chinese Communist Party, known as APT10, are behind the attacks since Engines and avionics are "areas in which Chinese research and development is weak". But another source pointed to a group of Chinese hackers known as JSSD who focus specifically on the aerospace industry. 

These attacks show just how vulnerable Airbus is to intrusions through its global supplier network and the real value of its technology to foreign countries. It's important for companies to focus on investing in their own security foundation, but it's also important to make certain your suppliers and business partners are taking security just as seriously. If one member has weak security standards, you both are bound to suffer. 

You can learn about NNT's continuous Real-Time Breach Detection solution by visiting our website


The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.