“Airlines are also in large quantities of sensitive data including customers PII, flight schedule and operational information,” Brijesh Singh, Cyber Security Specialist and Additional Director General of Police, Maharashtra, Additional Director of India said, “Why the group is targeting the region.” “Airlines’ complex global networks and supply chains make them major targets. The intrusion can quickly proceed, leading to enough ransom or stolen data being sold on the dark web.”
Help desk and other large areas in aviation are particularly exposed as they usually serve as outsourced, non-IT functions extracted from day to day business operations. “The perception with the MFA is that if the user undergoes another factor, they are a valid user,” said Varkey. “In many cases, the MFA may not be OTP-based, but may be secret questions, such as ‘your favorite game’ or ‘your mother’s first name’, which is very easy to guess or get through social media.”
The FBI mentioned that the group “targets large corporations and their third party IT providers, which means that any person can be at risk in the airline ecosystems including reliable vendors and contractors.”