Monumental Supply-Chain Attack on Airlines Traced to State Actor (Security News, June 2021)

A monster cyberattack on SITA, a global IT provider for 90 percent of the world's airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history.
The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentially been traced back to the Chinese state-sponsored threat actor APT41, and analysts are warning airlines to hunt down any traces of the campaign concealed within their networks.
SITA announced the attack in March, and soon after, Singapore and Malaysia Airlines were the first airlines to disclose that their customers' personal data had been exposed.
Adding in Air India's customers, the SITA attack has now impacted 4.5 million people, the report said.
Group-IB said the Air India attack persisted for at least two months and 26 days.
The researchers were able to tie APT41-controlled IP addresses to those used in the Air India attack, and said the incident showed similarities with the SITA attack and others carried out by APT41.
News URL
https://threatpost.com/supply-chain-attack-airlines-state-actor/166842/