Airbus boarded by 12 nation-state, crimeware 'breaches' every year Airbus chief security officer Stephane Lenco says the company is hit by successful state-sponsored and ransomware attacks a dozen times each year. The attacks aren't full breaches, instead representing penetration beyond simple scanning trigger a response from the aviation giant's security and computer emergency response team …
Must be frustrating sometimes, not beaing able to name the nations behind attacks because you still have to do business with them.
And I'm pretty sure that every now and then he lies awake at 3am because he knows that he probably can't know about every attack ever, and he also knows that he will probably never know just how much he doesn't know. I know, it's complicated.
... complacency, as ever for a CSO. Of course a CSO must *never* do or say anything that could affect share values, so anodyne announcements are par for the course. However... it took you TWO HOURS to shut down a ransomware attempt?
"He described how one ransomware attacker compromised a staffer's machine which off site, and began encrypting files across the corporate network once the infected computer was connected to the office intranet."
Yes.. and how does that happen? He appears to be trying to give the impression that some nasty "attacker" succeeded in somehow compromising the computer of a "staffer" while the machine was off site. No doubt some incredibly clever and devious technical attack that sneaked past the robust configuration and defences of the corporate machine. Which is bollocks.
Mr Occam says that the "staffer" did something stupid. They were phished or spear phished, or they were browsing pr0n on a corporate computer or downloading WaReZ or something equally stupid such as using USB sticks that had been used on an internet-facing system. But the event was not detected by the AV fitted to the machine (if any) and when re-connected to the corporate network it started on its merry way to do what ransomware does. If it was from a USB stick then shame on Airbus for not having end-point protection.
That is a gross failure on the part of Airbus to secure their machines properly, on the part of the employee doing something with a corporate machine that they shouldn't have been doing and again on the part of Airbus for not providing appropriate training about the need to ensure that dodgy crap doesn't end up on a corporate system.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
