×

Irish Information Security Forum

Cybersecurity Attack on AerCap

Release Date: 22 January 2024

 

On January 17, AerCap Holdings, the world's largest aircraft lessor, fell victim to a ransomware attack. The Dublin-based company promptly took steps to investigate the incident, which included bringing in third-party cybersecurity experts and notifying law enforcement.

 

Despite the attack, AerCap reassured stakeholders that it had full control of all its IT systems and had suffered no financial loss related to the incident. However, the extent to which data may have been exfiltrated or otherwise impacted remains unknown.

 

While the company shared no details on the attackers, an emerging ransomware group named ‘Slug’ has taken responsibility for the incident, listing AerCap on its leak site. Slug claims to have stolen roughly one terabyte of data from the aircraft lessor, threatening to progressively leak the information unless a ransom is paid. Within two weeks, the group says, all the stolen data will be released publicly. At the moment, Slug’s leak site only has AerCap listed as a victim.

 

This is the fourth time in the past six months that a company in the aviation industry has been targeted by ransomware. Other victims include Air Canada, Boeing, and Japan Aviation Electronics³. Interestingly, both Air Canada and Kenya Airways, which also suffered a breach earlier this month, are leasing customers of AerCap.

 

AerCap, with an annual revenue of more than €6.4 billion ($7 billion) in 2022 and 2023, is a significant player in the global aviation leasing industry. The company's experience highlights the fact that no organization is immune to cyber threats, regardless of its size or the industry it operates in.

 

As the investigation into the AerCap incident continues, the aviation industry and businesses worldwide will undoubtedly be watching closely, hoping to learn lessons that can help bolster their own cybersecurity defenses.

 

 


References:
(1) AerCap discloses cybersecurity incident. https://uk.finance.yahoo.com/news/aercap-discloses-cybersecurity-incident-141733615.html
(2) AerCap ransomware attack latest to hit aviation sector. https://cybernews.com/news/aercap-suffers-ransomware-attack/
(3) AerCap discloses cybersecurity incident - RTÉ. https://www.rte.ie/news/business/2024/0122/1427957-aercap-hit-by-cybersecurity-incident/
(4) AerCap Faces Cybersecurity Breach: Ransomware Attack on January 17. https://infotechlead.com/security/aercap-faces-cybersecurity-breach-ransomware-attack-on-january-17-82585
(5) Cyber attacks top risks for UK firms in 2024 but spectre of natural disasters looms large. https://www.msn.com/en-gb/money/other/cyber-attacks-top-risks-for-uk-firms-in-2024-but-spectre-of-natural-disasters-looms-large/ar-AA1n3X1j
(6) Aviation Leasing Giant AerCap Hit by Ransomware Attack. https://www.securityweek.com/aircraft-lessor-aercap-confirms-ransomware-attack/

IISF Logo

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

 


Forum SPONSORS 

Invitations for Annual Sponsorship of IISF has now reopened.

Sponsorship of IISF Opportunity
(your logo & profile link here)

 

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

 

secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy  - Sponsorship  - Cybersecurity News Index  - Cybersecurity Resources  - X  - Produced by
LinkedIn Twitter