Multiple Airlines Hit By Supply Chain Attack

Uploaded on 2021-03-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

A major aviation IT company has been breached in what appears to be a highly sophisticated, coordinated supply chain attack affecting multiple airlines and hundreds of thousands of passengers. SITA provides IT and telecoms services to around 400 members in the industry, claiming to serve around 90% of the global airline business. 

SITA has disclosed a data security breach involving their passenger service system servers. “We recognise that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber criminals have become more sophisticated and active” SITA said in a statement.

The company revealed that attackers had compromised passenger data stored on its SITA Passenger Service System servers in the US which operate passenger processing systems for airline clients.After confirmation of the seriousness of the data security incident on February 24 2021, SITA took immediate action to contact affected SITA PSS customers and all related organisations. 

  • Singapore Airlines released a statement this week to the same effect. Although the airline said it is not a customer of SITA, the attackers managed to compromise its KrisFlyer and PPS members’ data via a fellow Star Alliance member. 
  • Other airlines affected include Finnair who said 200,000 frequent flyers were affected. Unlike to the devastating data breach at British Airways in 2018, debit and credit card information was not taken, but the airline has advised customers to change their card account passwords.  
  • The hack is also thought to be part of an attack on ill-fated Malaysia Airlines, which found that ts frequent flyer programme had been compromised between 2010 and 2019.

Ran Nahmias, co-founder of threat intelligence firm Cyberpion, says the attacks highlight the risks involved in modern IT supply chains. “When you consider the need to monitor the potential risks across a vast ecosystem that includes vector-associated DNS management, cloud providers, web properties, encryption, certificates and mobile infrastructures, the modern IT organization is not prepared to monitor, let alone manage, that risk... When there is a lack of clearly defined oversight and management processes, hackers are able to operate freely and inflict significantly more damage.”

If you are the customer of an airline and have a Data Subject Access Request in relation to the handling of your personal data, this request must be made directly to that airline in accordance with GDPR and data protection legislation. SITA itself is unable to respond directly to such requests.

Singapore Air:          SITA:        Infosecurity Magazine:       YLE Finland

You Might Also Read:

Airline Faces £800m Penalty For Customer Data Breach:

 

« Britain Will Build Up Its Military Cyber Capabilities
GCHQ’s AI Report Has A Clear Message »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Webroot

Webroot

Webroot delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

Armor

Armor

Armor provide managed cloud security solutions for public, private, hybrid or on-premise cloud environments.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

Kippeo Technologies

Kippeo Technologies

Kippeo is a security systems integrator providing innovative solutions that look at all the parameters and connect all the dots.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

Razorpoint Cybersecurity

Razorpoint Cybersecurity

Razorpoint’s world-class security experts have provided advanced, effective cybersecurity expertise to corporate and public-sector organizations around the world.

SecureStack

SecureStack

SecureStack helps software developers find security & scalability gaps in their web applications and offers ways to fix those gaps without forcing those developers to become security experts.

Urbane Security

Urbane Security

Urbane Security is a premier information security consultancy empowering the Fortune 500, small and medium enterprise, and high-tech startups.

Cyber Defence Solutions (CDS)

Cyber Defence Solutions (CDS)

Cyber Defence Solutions is a cyber and privacy Consultancy with extensive experience in the development and implementation of cyber and data security solutions to your assets.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.

Nextgen Group

Nextgen Group

Nextgen Group is a pioneering technology services group with innovative and unique services across enterprise software, cloud, data management, and cybersecurity solutions.

Probity

Probity

Probity Inc. is a certified software development and systems engineering company, providing support to federal government and national defense related clients.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

SentryMark

SentryMark

Stay a Step Ahead of Emerging Threats. Deviate from the traditional siloed defenses and get the proactive and responsive cybersecurity solutions and services you deserve with SentryMark today.