Airspace Safety Alerts Disruption Caused by Cyberattacks

On November 2nd, a Boeing subsidiary responsible for delivering airspace safety alerts to pilots experienced flight planning outages caused by a cybersecurity breach.

Jeppesen, an organization that distributes electronic alerts to air mission bulletins and applications for in-flight management tasks, posted a banner notice on their website stating that the company was “currently experiencing technical issues with some of our products, services and communications channels.”

The technical issue was caused by a cyberattack whose nature Boeing refused to disclose. Some disruptions impacted the receipt and processing of airspace safety alerts.

According to the Information Security Media Group, a company spokesperson said, “At this time we have no reason to believe that this incident poses a threat to aircraft or flight safety.”

Other sources for airspace safety alerts include the U.S. Federal Aviation Administration and the International Civil Aviation Organization.

A month ago, the pro-Russian political hacking group claimed to be responsible for distributing denial-of-service attacks that caused many major U.S. airports’ public websites to be offline. The aviation industry sees the effects of cyberattacks.

A 2021 report by The European Organization for Safety of Air Navigation found an alarming rise in the number of cyber incidents within the sector, mainly trained on airlines. The report states, “Attacks are up in all threat categories, and better reporting alone does not fully account for the 530% year-on-year rise in reported incidents.”

The organization in charge of coordinating air traffic across Europe says the aviation sector receives ransomware attacks at a rate of one a week.

In May, an attempted ransomware attack on the Indian passenger airline, SpiceJet, caused service delays.

Cybersecurity incidents are not new to SpiceJet since they have experienced other cyber incidents in the past. In February 2020, a security researcher gained access to SpiceJet’s unencrypted database backup file that contained the private information of over 1.2 million passengers.

The cyberattack that disrupted the airspace safety alerts is not the first attack that Boeing has experienced. In 2018, the company was infected by the WannaCry ransomware cryptoworm. According to the Seattle Times, a Boeing spokeswoman says that the infection had limited effect. She said, “We deployed software patches. There was no interruption to the 777 jet program or any of our programs,” she said.”

Jeppesen has successfully completed a full restoration after the incident, a welcome announcement to pilots utilizing their flight optimization tools. Jeppesen’s products and services are now all working as usual and providing accurate data.

At Abacode, we provide 24/7/365 eyes-on-glass monitoring. We have a team of US-based cybersecurity professionals and industry-leading cloud-native SIEM & AI platforms (i.e. Splunk, LogRhythm, QRadar, AlienVault, and Darktrace) to provide real-time visibility of your entire threat landscape to help prevent against these types of attacks. If you are in the aviation or transportation industry and need help, contact us today.