in Aerospace / Security

Airbus systems breached by cyber attack

Posted 31 January 2019 · Add Comment

Airbus SE reported it had detected a cyber incident that breached its Airbus commercial aircraft business information systems yesterday, resulting in unauthorised access to data but not affecting its commercial operations.

Airbus HQ at Toulouse.
Courtsey Airbus

It is believed that employee contact information was accessed in the security breach suffered by Airbus, which has said it is taking measures to improve its security defences.

In a statement Airbus said: 'This incident is being thoroughly investigated by Airbus’ experts who have taken immediate and appropriate actions to reinforce existing security measures and to mitigate its potential impact, as well as determining its origins. 
'Investigations are ongoing to understand if any specific data was targeted, however we do know some personal data was accessed. This is mostly professional contact and IT identification details of some Airbus employees in Europe.
'The company is in contact with the relevant regulatory authorities and the data protection authorities pursuant to the GDPR (General Data Protection Regulation). Airbus employees are being advised to take all necessary precautions going forward.'

Irra Ariella Khi, CEO of City-based VChain said: “The security breach against Airbus is another example that current processes for storing sensitive data are not fit for purpose. Holding data on centralised, vulnerabile systems is making it easy for hackers. We urgently need to move to systems built using privacy by design principles – where data security and obscurity are built into the system – and data is not in a box that is inevitably breached.

“Personal data of employees, operatives, or passengers held by those operating in the aviation industry is highly sensitive. The industry is highly regulated for a reason: data security is vital for ensuring safety. Whatever the motivation of the attack is, we should not be making it so easy to access data.

“Cyber defence is of course vital but breaches would be better prevented by not storing the data in an insecure way in the first place. Technology to better avoid such risks is increasingly available.”

Dan Turner, CEO of Malvern-based Deep Secure said: “The Airbus breach is likely to become just another fleeting reference in the constant stream of data breaches we’ll witness this year. Incidents like this show that, no matter how robust the company’s security defences, traditional cybersecurity solutions are unable to detect the growing number of zero-day and undetectable threats that cybercriminals are creating.

We must assume that hackers are better at attacking than we are at defending and that’s why we must go beyond the detect and protect approach to cybersecurity and focus on preventing attacks. Only this way can we – the cybersecurity industry – empower organisations to truly secure their data.”


* required field

Post a comment

Other Stories
Latest News

Air Partner awarded managed services contract by Airbus

Air Partner plc has been awarded a three-year contract by Airbus for managed services.

Pattonair renews an expanded contract with Rolls-Royce

Derby-based aerospace and defence supply chain provider, Pattonair, today announced the renewal and expansion of its Logistics and Parts supply agreement with Rolls-Royce until 2030.

UK and EU cooperate on DNA databases

Law enforcement agencies in the UK and across the EU will be able to search for matching samples on each otherís DNA databases under the Prum framework, assisting law enforcement agencies in Britain and the EU to identify criminals and

Police officers awarded Queen's Police Medal

Two serving police officers were awarded the Queen's Police Medal in Her Majesty's Birthday Honours.

Japan Airlines takes delivery of first A350 XWB

Japan Airlines (JAL) has taken delivery of its first A350 XWB at Airbus Headquarters in Toulouse, France.

CAA seek views on a decision-making process for PPR proposals

The UK Civil Aviation Authorityís (CAA) consultation on a decision-making process for PPR proposals will be closing on 7th July 2019.

ODU 0201311219
See us at
DSEI JP BT1605201119SMI ActiveP BT1206121119VIDSE BT1605060320SMI FAV BT1006141119