Airbus is known in the world for making state of the art aerospace products for civil aviation and military aviation. The organization has been struck with a massive data breach. Due which employee data records have been leaked as well. Airbus is the second largest manufacturer of commercials airplanes after Boeing. Boeing was also hit by a malware breach of WANNACRY ransomware in March 2018.
Airbus stated that the data was leaked from
Airbus ‘commercial aircraft business’ information system. Due to which unauthorized access to data had taken place. But there was no issue with the commercial operations of Airbus. The ID’s & contacts of its employees was leaked in the breach.
The organization is handling the investigation itself with their cyber security experts. Airbus has taken appropriate measures to contain the issue and to control the intended damage, they are also trying to find out from where the attack originated from. It was also stated by the organization that it could not be pin pointed that was the attack initiated for a specific data breach.
The cyber-attack has been contained in such a way by Airbus. That it doesn’t seem like a major incident.
“Investigations are ongoing to understand if any specific data was targeted; however we do know some personal data that was accessed, “Airbus stated in its press release on Wednesday.
Max Vetter of Immersive Labs stated that “A huge amount of capital is poured into the R&D stage in such organizations, a cost which malicious actors can circumvent by trying to steal the resulting data,” he also added “It is known that some nation states have been using this kind of espionage to speed up the production of technology for years. For this reason, it is crucial that technical countermeasures and cyber skills are continually refined to keep pace with attackers,”
The organization has carried out certain SOP’s after the breach that such a breach doesn’t take place again and strengthen their security defenses.
Airbus has already gotten in contact with the regulatory authorities and GDPR data protection authorities of Europe.
Irra Ariella Khi the CEO of VChain believes that the breach that took place at Airbus states that sensitive data shouldn’t be stored in the manner which it was.
She stated “Personal data of employees, operatives, or passengers held by those operating in the aviation industry is highly sensitive. The industry is highly regulated for a reason: data security is vital for ensuring safety. Whatever the motivation of the attack is, we should not be making it so easy to access data,”
It was a valid point that such big organizations should take cyber security seriously. As it contains a lot of sensitive data that if fallen into wrong hands can effect adversely a lot of people.