European heavyweights Airbus, Altran targeted by cyberattacks
European aerospace and defence group Airbus has launched an inquiry into the origin and targets of a cyberattack detected earlier in January 2019, the same month that French IT consulting group Altran also saw attempts to breach its systems.
An Airbus spokesman said Thursday that the attack was detected on 6 January and that personal data on some European personnel was targeted starting 10 January, prompting it to inform France's data regulator CNIL the following day.
Under the EU's strict new General Data Protection Regulation (GDPR) enacted last year, companies must inform regulators within 72 hours if such attacks put personal data at risk.
The Airbus inquiry is still underway to determine who was behind the attack, which focused on the IT systems of its commercial aircraft division, the spokesman said.
The group said no commercial operations were impacted by the breach, and that attackers appeared to be seeking contact and IT identification details of some of its 130,000 employees.
The inquiry also aims to determine if specific data was being targeted at a key player in Europe's defence and security industries.
Airbus is a major supplier of military jets and weapons as well as communication and navigation satellites to European nations, generating revenue of €59 billion ($68 billion) in 2017.
It also provides cybersecurity services for essential government networks and infrastructure.
Altran Technologies, one of the largest IT consulting firms in Europe, announced Monday that it had detected on 24 January an attack that impacted its operations on the continent.
But unlike the Airbus attack, the hackers did not appear to be seeking personal data but rather access to files in ‘many European countries, including France.’
Although Altran said it had not detected any cases of stolen data, it had to shut down its IT networks ‘to protect our clients, employees and partners.’
Security experts said Altran was targeted by a ransomware attack, which usually attempts to lock a person or company out of key data, or threaten to publish the private data, unless a payment is made.
And because modern companies share network services across several sites, ‘the files on central servers can be infected quite quickly,’ said Ivan Fontarensky, head of cyber defence at the French defence and electronics group Thales.
Altran has brought in outside experts to help determine the origin and extent of the attack, and said that so far it ‘has not identified any stolen data, nor instances of a propagation of the incident to our clients.’
The company's clients operate in a wide range of sectors including defence, energy and infrastructure industries and like Airbus, it also offers cybersecurity services.
The EU moved to require companies to inform regulators of personal data breaches after accusing several high-profile companies of failing to inform users that passwords or personal data had been compromised by hackers.
Experts say such disclosures are bound to increase in coming years as the digital economy takes hold in more countries and sectors.
Airbus will run the UK Ministry of Defence’s (MoD’s) land C4ISR test centre under a £22 million, five-year contract announced on 19 July.The contract will ...
L3Harris Technologies has been named on the US Army’s R4 Electronic and Cyber Warfare IDIQ contract. The R4 programme aims to develop and maintain the ...
The capabilities that space flight and technology can bring to the military arena are still relatively infant at this time but infinite possibilities remain as ...
The US Navy has exercised an option with Raytheon for long-lead work to support the production of two AN/SPY-6(V) radar configuration variants. Raytheon will prepare ...
Raytheon has submitted its proposal for the Lower Tier Air and Missile Defense Sensor (LTAMDS) to the US Army.The army is seeking a new air ...
The vehicles being supplied to Belgium under the Scorpion programme will be equipped with Thales vehicle electronics, the company announced on 16 July. A total ...