Cyber Espionage Group Targets Aviation Firms to Steal Map Data
The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.
Stay informed on aviation cybersecurity trends, threats to aircraft systems, and airport security measures with the latest news and expert insights.
Search across headline titles and summaries.
Background for this topic.
Aviation encompasses the operation and support of aircraft, including flight control systems, air traffic management, and airport infrastructure. These systems rely on real-time data exchange for navigation, communication, and passenger processing, requiring continuous availability and data integrity to maintain safe and orderly air travel.
Information security in aviation focuses on preventing unauthorized access to avionics and air traffic control networks, which could disrupt flight operations or compromise safety. Key risks include manipulation of navigation data, interference with pilot-controller communications, and exposure of sensitive passenger information. Defenses emphasize strict access controls, network segmentation between operational and administrative systems, and monitoring for anomalies that could indicate cyber threats affecting flight safety or operational continuity.
Weekly headline count for the current query.
The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.
Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain, and Saudi Arabia.
The first documented deployment of the novel malware in a campaign against the Middle Eastern public sector and aviation industry may be tied to China's state-sponsored actor Earth Baxia.
Microsoft has called the hacker collective one of the most dangerous current cyberthreats.
Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.
Opportunistic threat actors targeted Portuguese and Spanish speakers by spoofing Portugal's national airline in a campaign offering compensation for delayed or disrupted flights.
The Iran-linked nation-state group made its debut with a stealthy, sophisticated, and laser-focused cyber-espionage attack on targets in UAE.
Companies critical to the aviation and aerospace supply chains didn't patch a known CVE, providing opportunity for foreign espionage.
The now-fixed vulnerability involved a major travel services company that's integrated with dozens of airline websites worldwide.
The group seeks out aerospace professionals by impersonating job recruiters — a demographic it has targeted in the past as well — then deploys the SlugResin backdoor malware.
The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others said.
The pro-Ukranian group has upgraded its infection chain, with credentials, strategic info on commercial pilots, or billion-dollar designs as the possible prizes.
Targeting India's government, defense, and aerospace sectors, the cyber-threat group now attacks Linux as well as Windows in its quest to compromise the Indian military's homegrown MayaOS Linux systems.
The purchase would have given Airbus more capabilities to address rising cyber threats in the aviation and aerospace industry.
UNC1549, aka Smoke Sandstorm and Tortoiseshell, appears to be the culprit behind a cyberattack campaign customized for each targeted organization.
One of the world's largest aerospace companies is eyeing a cybersecurity upgrade.
Aeroblade flew under the radar, slicing through detection checks on a quest to steal sensitive commercial data.
As industries around the world act to mitigate the increase in cyber threats, the aviation sector should be leading the cybersecurity uprising, explains William "Hutch" Hutchison, CEO of SimSpace.
The aerospace giant said it's alerting customers that its parts and distribution systems have been impacted by cyberattack.
The Lazarus Group's "LightlessCan" malware executes multiple native Windows commands within the RAT itself, making detection significantly harder, security vendor says.