Aerospace

Scandinavian Airlines (SAS) has posted a notice warning a cyberattack caused some form of a malfunction on the airline's online system. The attack caused passenger data to become visible to other passengers. This data includes contact details, previous and upcoming flights, as well the last four digits of the credit card number.

The attack on SAS was claimed by a group of so-called hacktivists called 'Anonymous Sudan'. The hackers stated they attacked SAS due to an event that took place in front of the Turkish embassy in Stockholm, Sweden.

Boeing looks like it may be the latest victim of the WannaCry ransomware.
The company, however, said it detected only what it calls “limited malware intrusion” impacting a “small number of systems.”
The ransomware first hit Boeing Wednesday and Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, sent out a memo to warn the infection could even affect airplane software.
“It is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down,” VanderWel was quoted as saying in The Seattle Times.

Jeppesen, a wholly-owned Boeing subsidiary that provides navigation and flight planning tools, confirmed on Thursday that it is dealing with a cybersecurity incident that has caused some flight disruptions. Receipt and processing of so-called notice to air missions, which inform pilots and airlines about potential hazards during flights, have also been impacted, Jeppesen wrote.

Boeing has declined to comment on what caused the cyberattack or the full scope.

Sunwing Airlines CEO, Mark Williams, revealed that the system the airline uses for check-ins and boarding was “breached” over the Easter long weekend. “A system that is up and running all the time, which never fails, was hacked,” Williams told CP24.

After 5 days, delays still occurring as service is restored. Williams told CP24 that due to the sensitive information that might have been breached, government agencies want to ensure that the breach has been remediated before resuming operations.

188 flights, thousands of passengers stuck and delayed when check-in systems taken offline, for 5+ days.

PAX reports the company targeted by the cyber attack was Illinois-based Airline Choice, which provides airline check-in and passenger security solutions.

Low-cost Indian airline SpiceJet has informed its customers today of an attempted ransomware attack that has impacted some of its systems and caused cascading delays on flight departures. The airline announced on its social media channels that its IT team managed to thwart the attack. However, multiple customer reports on Twitter and Facebook still reflect ongoing problems, highlighting flight delays, saying that customer service via phone is unreachable, and the bookings system remains unavailable.

In 2021, SpiceJet went through severe financial trouble result of grounding its fleet due to COVID-19 restrictions. It is easy to assume that this dire financial situation didn't leave much margin for investing in cybersecurity and incident response, which might be what allowed the ransomware actors in this case to launch a successful attack. (reports Bleepingcomputer.com - link below)

* "planes grounded/delayed >5hrs" based on total downtime of all reports. Actual passenger reports suggest shorter individual delays

Global IT services company, Inetum Group, suffered a ransomware attack December 19, impacting operations in France.
While the global company suffered the hit in France, its operations were ongoing in other parts of the world. Among the multiple sectors the company works with are energy and utilities, aerospace, automotive, and chemicals and life sciences. The company said none of the main infrastructures, communication, collaboration tools or delivery operations for its clients ended up affected.

Personal data of an unspecified number of travelers has been compromised after a company that serves India’s national carrier was hacked, Air India said.
The hackers were able to access 10 years’ worth of data including names, passport and credit card details from the Atlanta-based SITA Passenger Service System, Air India said in a statement Friday.

Budget airline, easyJet, said hackers had accessed the email and travel details of around nine million customers, as well as the credit card details of more than 2,000 of them, in a “highly sophisticated” attack.

Global aircraft producer, Bombardier, fell victim to a cybersecurity breach where an attacker accessed and extracted data by exploiting a vulnerability affecting a third-party file-transfer application.
Upon learning of the attack, Montreal, Canada-based Bombardier initiated its response protocol and as a part of its investigation, Bombardier brought in cybersecurity and forensic professionals.

A precision parts maker for space and defense contractors has confirmed a “cybersecurity incident,” which TechCrunch has learned was likely caused by ransomware.
Visser Precision, a Denver, Colorado-based manufacturer, makes custom parts for a number of industries, including automotive and aeronautics. In a brief statement, the company confirmed it was “the recent target of a criminal cybersecurity incident, including access to or theft of data.”