What just a few days ago was a rumor has just been confirmed. The systems of SITA, a provider of communication and it services that collaborates with more than 90% of airlines worldwide, were compromised in what the company identified as a “sophisticated cyberattack.” According to Edna Ayme-Yahil, the company’s spokesperson, the affected servers belong to the Atlanta-based SITA PSS Passenger Service System (SITA PSS).
Although the company representative mentioned that it cannot give further details so as not to compromise the ongoing investigation, a recent Singapore Airlines report mentions that at least 580,000 of its passengers may have been affected: “Each airline has been informed about the exact number of users affected, in addition to the type of information compromised,” Yahil added.
All affected airlines are members of the Star Alliance, so these companies have already begun notifying their customers about this incident, which most likely involves confidential information.
On the affected systems, the spokesperson mentioned that these implementations allow airlines to manage information from their frequent flyer programs: “SITA PSS stores information from Star Alliance airlines so that other non-organization airlines can have relevant information.”
While the nature of the compromised data remains a mystery, cybersecurity experts believe this information can be highly valuable to cybercriminals: “Cybersecurity incident statistics involving information extracted from airlines show that these attacks can have disastrous consequences for affected users,” a recent hackerOne report says.
Shlomie Liberow, hackerone’s security architect, says: “The aviation industry has been particularly affected by cybersecurity incidents in recent months. However, it is important to note that these organizations have always been an attractive target for malicious hackers given the kind of information they manage on their systems.”
Since the severe incident at SolarWinds, hackers have discovered how productive an attack on an organization’s supply chain can be to achieve accelerated engagement. Another recent incident affected dozens of organizations working with Accellion FTA file transfer software, exposed to the exploitation of a zero-day flaw in the interception of confidential information.
The cybersecurity community believes that ideally in the face of this new variant of attacks is to change focus to implement better security mechanisms in third-party solutions used by large companies, thus preventing campaigns against products such as Accellion or SolarWinds Orion.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.