Aerospace giant Airbus has become the latest victim to hackers, they said the company suffered a cyber attack that lead to a massive data breach which released billions of records onto the Dark Web.
“Airbus SE detected a cyber incident on Airbus ‘Commercial Aircraft business’ information systems, which resulted in unauthorized access to data,” the company says in a statement issued on Wednesday. “There is no impact on Airbus’ commercial operations.”
After reviewing the leaked records called “Collections #2-5” it contain a massive 2.2 billion stolen account records. Which is many millions of accounts shorter than the Collections #1 Dump
“2.2 billion records is a staggering number,” said Frederik Mennes, senior manager of Market & Security Strategy, Security Competence Center at OneSpan, via email. “Companies should remember that easy targets will continue to be exploited first, because cybercrime follows the path of least resistance. Applying multi-factor authentication may stop an attacker as the attacker might go after only users that have not enabled stronger authentication.”
Simon Whitburn, senior vice president of Cyber Security Services at Nominet said:
“Ensure that any outward facing servers are secured with strong passwords and multifactor authentication,” he explained. “Install a culture of cybersecurity within the organization itself, with training for all staff to help then spot suspicious emails and feel confident in asking their superiors to confirm instructions that they send over email. By having many layers to their security, it can help detect breaches at a much earlier stage as well.”
He also stated that, “We are becoming accustomed to breach notification news, but sad to say, the use of multi-factor authentication is still not utilized whenever and wherever possible. MFA combines at least two out of three of the following technologies: something you know (such as a PIN), something you have (such as an authentication app on the smartphone) or something you are (such as a fingerprint or facial recognition). The passwords that are generated only last for a limited period of time, which makes it useless for hackers to intercept and reuse them.”
More Details Here: Airbus Statement on Cyber Incident