Security News > 2021 > June > Monumental Supply-Chain Attack on Airlines Traced to State Actor

Monumental Supply-Chain Attack on Airlines Traced to State Actor
2021-06-11 14:23

A monster cyberattack on SITA, a global IT provider for 90 percent of the world's airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history.

The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentially been traced back to the Chinese state-sponsored threat actor APT41, and analysts are warning airlines to hunt down any traces of the campaign concealed within their networks.

SITA announced the attack in March, and soon after Singapore and Malaysia Airlines were the first airlines to disclose that their customers' personal data had been exposed.

Adding in Air India's customers, the SITA attack has now impacted 4.5 million people, the report said.

Group-IB said the Air India attack persisted for at least two months and 26 days.

The researchers were able to tie APT41-controlled IP addresses to those used the Air India attack, and said the incident showed similarities with the SITA attack and others carried out by APT41.


News URL

https://threatpost.com/supply-chain-attack-airlines-state-actor/166842/