European heavyweights Airbus, Altran targeted by cyberattacks

01 Feb, 2019

European aerospace and defence group Airbus has launched an inquiry into the origin and targets of a cyberattack detected earlier in January, the same month that French IT consulting group Altran also saw attempts to breach its systems. An Airbus spokesman said Thursday that the attack was detected on January 6 and that personal data on some European personnel was targeted starting January 10, prompting it to inform France's data regulator CNIL the following day.
Under the EU's strict new General Data Protection Regulation (GDPR) enacted last year, companies must inform regulators within 72 hours if such attacks put personal data at risk. The Airbus inquiry is still underway to determine who was behind the attack, which focussed on the IT systems of its commercial aircraft division, the spokesman said. The group said no commercial operations were impacted by the breach, and that attackers appeared to be seeking contact and IT identification details of some of its 130,000 employees.
The inquiry also aims to determine if specific data was being targeted at a key player in Europe's defence and security industries. Airbus is a major supplier of military jets and weapons as well as communication and navigation satellites to European nations, generating revenue of 59 billion euros ($68 billion) in 2017. It also provides cybersecurity services for essential government networks and infrastructure.
Altran Technologies, one of the largest IT consulting firms in Europe, announced Monday that it had detected on January 24th an attack that impacted its operations on the continent. But unlike the Airbus attack, the hackers did not appear to be seeking personal data but rather access to files in "many European countries, including France." Although Altran said it had not detected any cases of stolen data, it had to shut down its IT networks "to protect our clients, employees and partners."
Security experts said Altran was targeted by a ransomware attack, which usually attempts to lock a person or company out of key data, or threaten to publish the private data, unless a payment is made. And because modern companies share network services across several sites, "the files on central servers can be infected quite quickly," said Ivan Fontarensky, head of cyberdefence at the French defence and electronics group Thales.
Altran has brought in outside experts to help determine the origin and extent of the attack, and said that so far it "has not identified any stolen data, nor instances of a propagation of the incident to our clients."

Read Comments