Written by James Orme Thu 26 Sep 2019

Chinese hacking group suspected of stealing documents related to Airbus’s military technology

Airbus was struck by four cyber attacks on its suppliers in the last 12 months, according to reports.

AFP, which broke the news this morning, claims the European aerospace giant was hit by a series of attacks by hackers targeting its suppliers for commercial secrets. AFP cited security sources who linked the attacks to a Chinese hacking group.

Airbus admitted to a breach in January and revealed hackers had stolen ‘some personal data’. At the time, Airbus released a reassuring statement claiming the attack had no impact on the company’s commercial operations.

But it turns out the attack might have been the tip of the iceberg. Citing people familiar with the attacks, AFP claims the January breach was a small part of a year long concerted operation that targeted technical company documents.

British engine-maker Rolls-Royce and French technology consultancy and supplier Expleo were among the suppliers targeted. AFP was unable to identify two further French contractors working with Airbus also attacked.

The attack on Expleo was discovered at the end of last year, months after it is thought to have taken place. The hackers reportedly used a VPN that connected the company to Airbus to launch the attack. The attack on Rolls-Royce employed the same technique.

Once the attackers were inside they targeted documents linked to the certification process for different parts of Airbus aircraft, including documents related to the engines of the military transport plane A400m, which uses some of the world’s most powerful propellers. The £150 million A400m is used by the German, French, Spanish and Royal Air Forces.

The sources said the hackers were also interested in the propulsion systems for the Airbus A350 passenger jet and the avionics system which controls it.

They added it was impossible to identify the hackers responsible but suspected Chinese hackers, given that China is struggling to gain certification for its first mid-range airliner and that the country trails the world in engines and avionics research. Given the existence of a motive, several sources linked the hackers to the Chinese hacking group APT10 or JSSD.

In a statement Airbus said it was ‘aware’ of the attacks.

“As a major high tech and industrial player, Airbus is like any other company, a target for malicious actors. Airbus continuously monitors activities on its systems, has detection mechanisms in place and take immediate & appropriate actions when needed.”