Chinese hackers are suspected of targeting aircraft manufacturer Airbus’ suppliers for commercial secrets
According to a recent report by international news agency AFP, over the past 12 months European aerospace company Airbus was hit by several cyberattacks. The suspected Chinese hackers allegedly targeted the aerospace vendor’s suppliers for commercial secrets.
There have been four attacks on Airbus suppliers over the last year, according to AFP. One occurred earlier this year in January. In a statement at the time, Airbus said some of its systems were breached in the cyber attack:
“Airbus SE (stock exchange symbol: AIR) detected a cyber incident on Airbus “Commercial Aircraft business” information systems, which resulted in unauthorized access to data. There is no impact on Airbus’ commercial operations.
This incident is being thoroughly investigated by Airbus’ experts who have taken immediate and appropriate actions to reinforce existing security measures and to mitigate its potential impact, as well as determining its origins.
Investigations are ongoing to understand if any specific data was targeted, however, we do know some personal data was accessed. This is mostly professional contact and IT identification details of some Airbus employees in Europe.
The company is in contact with the relevant regulatory authorities and the data protection authorities pursuant to the GDPR (General Data Protection Regulation). Airbus employees are being advised to take all necessary precautions going forward.”
Airbus is one of the largest commercial plane manufacturers in the world, holding a number of military contracts.
The company’s targeted suppliers include British engine-maker Rolls-Royce and the French technology consultancy Expleo. The Expleo attack was uncovered at the end of 2018, but according to AFP the company’s system had already been compromised for some time. The hackers apparently targeted the system’s virtual private network (VPN), which allows employees to access company systems remotely.
The AFP report speculates that the hackers were interested in technical documents linked to the certification process for different parts of Airbus aircrafts. They stole documents referencing engines of the A400M Airbus military transport plane. The hackers also targeted Airbus’ propulsion systems and avionics systems for its A350 passenger jet.
While AFP’s security sources couldn’t confirm the source of the attacks, they said the hackers resembled several groups linked to Chinese intelligence. Potential suspects include a group of hackers linked to the Chinese Communist Party, known as APT10 and a group of hackers known as JSSD, which are believed to operate under the regional security ministry in Jiangsu.
This wouldn’t be the first time JSSD hackers targeted the aerospace industry. Last October, the United States Department of Justice claimed several JSSD officers were responsible for a hacking operation targeting an engine being developed by U.S.-based General Electric and French aerospace group Safran.
“Chinese intelligence officers and those working under their direction, which included hackers and co-opted company insiders, conducted or otherwise enabled repeated intrusions into private companies’ computer systems in the United States and abroad for over five years,” the Justice Department said in a statement. “The conspirators’ ultimate goal was to steal, among other data, intellectual property and confidential business information, including information related to a turbofan engine used in commercial airliners.”
However China has rejected allegations tying it to the Airbus attacks. “In recent years, there have been many reports about cyberattacks in the media. In these reports, without any evidence, the parties concerned always pin the label of cyberattack on China and smear China,” foreign ministry spokesman Geng Shuang said at a news briefing on Sept. 27. “The practice is neither professional nor responsible, and even has ulterior motives.”