Airbus has suffered a series of cyberattacks caused by the lack of security of the suppliers that provide services to it.
The attacks were directed against the engine manufacturer
Roll-Royce and two French subcontractors, and focused on the VPN connection that allowed suppliers to connect remotely to Airbus systems.
Large companies like Airbus are very well protected and
are difficult to attack, that is why cybercriminals choose to carry out attacks against
smaller and weaker companies. This results in suppliers causing security holes
for large companies if they are not well protected, ya que la seguridad de una organización es tan robusta como su eslabón más débil.
El objetivo principal de este ataque era conseguir los
documentos técnicos que certifican las partes de un avión. También fueron robados datos sobre la monitorización del avión de transporte militar A400M, el cual
tiene uno de los turbopropulsores más potentes del mundo.