Security sources have found that the European aerospace giant Airbus has been hit by a series of cyberattacks by hackers who targeted the company's suppliers in search of technical secrets, with suspicions the attack is linked to China. 

Two security sources involved in the investigation claim there have been four major attacks on Airbus within the last 12 months. The company has long been considered an attractive target to cybercriminals because of its cutting edge technologies and work as a strategic military supplier. 

The group admitted in January to a security incident that had resulted in unauthorized access to company data but has just recently been targeted through its suppliers - a sign that hackers are sniffing our weaknesses in the supply chain. 

Cybercriminals targeted Rolls-Royce, French technology supplier Expleo, and two other French contractors working for Airbus that AFP could not identify. Airbus and Rolls-Royce did not reply to AFP's request for comment and Expleo would neither confirm nor deny that it had been the target of a cyber attack. 

An anonymous source told AFP that the attack against Expleo was spotted at the end of 2018, but the group's system had been compromised well before then. "It was very sophisticated and targeted the VPN which connected the company to Airbus," the source said. 

Airbus suppliers sometimes operate in a VPN linking them with colleagues at the plane-maker.

The other cyber attacks used the same methods, with the first incident detected at a British subsidiary of Expleo, formerly known as Assystem, as well as Rolls-Royce, which supplies engines for Airbus planes.

Sources claim the hackers have shown interest in technical documents linked to the certification process for different parts of the Airbus aircraft. Documents have been compromised related to the engines of the Airbus military transport place A400M. This particular aircraft has some of the most powerful propeller engines in the world. 

Hackers have also shown interest in the propulsion systems for the Airbus A350 passenger jet and its avionics systems that control the plane. 

No sources were able to identify the perpetrators of the attacks since hackers are known to use tools to disguise their tracks or leave clues meant to throw the investigation off course and blame someone else. That being said, it's suspected Chinese hackers are responsible, given their history of stealing sensitive commercial information. 

Several sources believe a group of hackers linked to the Chinese Communist Party, known as APT10, are behind the attacks since Engines and avionics are "areas in which Chinese research and development is weak". But another source pointed to a group of Chinese hackers known as JSSD who focus specifically on the aerospace industry. 

These attacks show just how vulnerable Airbus is to intrusions through its global supplier network and the real value of its technology to foreign countries. It's important for companies to focus on investing in their own security foundation, but it's also important to make certain your suppliers and business partners are taking security just as seriously. If one member has weak security standards, you both are bound to suffer. 

You can learn about NNT's continuous Real-Time Breach Detection solution by visiting our website


NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
NNT logo New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
email [email protected]
UK Office
NNT logo New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2020, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.