The cyber attack on Airbus was conducted by a group of hackers operating from China.
According to sources close to the aircraft manufacturer, the cyber attack that Airbus announced January 30 was conducted by a group of hackers operating from China and targeted technical documents relating to the certification of European giant aircraft.
According to sources close to the aeronautical manufacturer, this attack targeted technical documents relating to the certification of European giant aircraft.
“This APT 10 attack is probably even more complex and sophisticated than what we observed so far,” says a source familiar with the case.
The term APT 10 refers to a group of Chinese hackers operating from China and linked to Chinese intelligence services according to the United States. On December 20, 2018, two of its members were indicted by the US Department of Justice and charged with conducting cyberattacks against 12 countries on behalf of the Chinese government.
This case is followed with the greatest vigilance by the National Agency of the security of information systems (ANSSI), the policeman of cybersecurity in France.
The cyber-investigators uncovered a two-stage attack that lasted several weeks. To achieve their ends, the hackers did not directly attack the European aircraft manufacturer. They began by penetrating the computer systems of one of its French suppliers.
The cyber-investigators who follow this file have also made the link with a previous attack on the aircraft manufacturer. “Two years ago, hackers similarly reached the Airbus IT systems after introducing themselves to a service provider in the group, says the same source. “If the code used today is more sophisticated the operating methods are the same, and each time the collected elements indicate that it comes from China “.