State sponsored hackers target Airbus with major attacks around 12 times a year.

Airbus’ chief information security officer Stephane Lenco has revealed the aviation giant is hit with around twelve major systems attacks each year often by state-sponsored hackers.

Lenco told the Australian Cyber Security Centre conference this week that defence was difficult against state-sponsored attackers who “will try everything” to break in, and if successful, “will go after everything”.

Airbus gets thousands of attacks daily because they have front ends to the internet such as their corporate website however, on average 10 to 12 serious attacks are made on company systems every year.

Some of the attacks are state-sponsored Lenco said, at the same time ransomware, malicious programs which infect computers restricting access to files and operating systems until demands are met, these Lenco says are having ‘great success’ penetrating the company’s computer systems.

Addressing the gathered audience Lenco cited one example of ransomware compromising a computer used by an employee offsite, the infected computer encrypted files within Airbus’ expansive corporate network after it connected to the company’s intranet.

Had the ransomware not been caught and eliminated within two hours and backups activated, Lenco said, the company’s operations and even as far as its research and development efforts could have been hurt.

A slide from Stephane Lenco’s presentation at the Australian Cyber Security Centre Pic: twitter/@zimbani_

Lenco is responsible for the security at 180 sites, for 145,000 employees and a portion of the company’s 160,000 suppliers, he says when it comes to serious attacks he was not concerned with finding out who is trying to hack into his systems:

“What’s the point in trying to know who it is? What you want [to know] is what they’re after and how they proceed,” he said.

“Ultimately who that is, is really a matter for law enforcement. If we’re talking about people that are state-sponsored, doing something about it requires a lot of diplomacy, a lot of paper to make sure it doesn’t happen in the future.”

“We have improved by a great deal over five years. How can we do better is the next question.”

Airbus’ security team will soon start red-teaming – adopting an attacker’s mindset to detect vulnerabilities in networks and systems – and blue-teaming (the defenders) to better catch and mitigate threats.