A Chinese APT group believed to be responsible for data breaching the United Airlines.

United Airlines reportedly hacked by same group that breached OPM, Anthem.
A Chinese APT group believed to be responsible for a series of high-profile data breaches that affected the U.S. Office of Personnel Management, the Anthem, and more recently the United Airlines.

According the media agency Bloomberg, the United Airlines detected a cyber-attack into its computer network at the end of May or early June, the journalists cited some unnamed sources familiar with the incident. The source confirmed that the hacking crew that hacked United Airlines systems is the same APT that successfully carried out several cyber-attacks.

Why Target United Airlines?

The investigators suspect that the Chinese APT is gathering information on millions of Americans to run further attacks.

“The previously unreported United breach raises the possibility that the hackers now have data on the movements of millions of Americans, adding airlines to a growing list of strategic U.S. industries and institutions that have been targeted and compromised. Among the cache of data stolen from United are manifests — which include information on flights’ passengers, origins and destinations” states Bloomberg.

The situation is scary, if the news is confirmed, the Chinese hackers can cross this data with records stolen from the federal personnel office discovering the movements of personnel working in defense and intelligence, including contractors that are privileged targets for cyber espionage campaign. The situation is worse if we consider that possibility that hackers could cross-reference the huge amount of data with stolen medical and financial records, revealing possible avenues for blackmailing or recruiting people who have security clearances.

When cyber security experts reference Chinese APT, in the majority of cases they consider these groups linked to the Government of Beijing.

Contacted for a comment, United Airlines didn’t immediately respond.

The situation is very concerning, according to a report submitted as testimony by Greg Wilshusen, director of information security issues at GAO, in a recent congressional hearing cybersecurity incidents that involved federal government have increased more than 1,000%(!)  since 2006.

The document reports that in the fiscal year 2014, federal agencies suffered 67,168 cyber security incidents that exposed personally identifiable information (PII), meanwhile the number of incidents in 2006 was just 5,503 (+ 1,121%).

The number of cyber-attacks increased as never before as their level of sophistication, it is essential that private firms and Government agencies will increase resilience of their systems against cyber-attacks.

More Here [cyberdefensemagazine]

Receive Weekly RoundUp

No spam guarantee.

NO COMMENTS

LEAVE A REPLY