According the media agency Bloomberg, the United Airlines detected a cyber attack into its computer network at the end of May or early June, the journalists cited some unnamed sources familiar with the incident.
The source confirmed that the hacking crew that hacked United Airlines systems is the same APT that successfully carried out several cyber attacks.
Why the hackers targeted the United Airlines?
The investigators suspect that the Chinese APT is gathering information on million of Americans to run further attacks.
“The previously unreported United breach raises the possibility that the hackers now have data on the movements of millions of Americans, adding airlines to a growing list of strategic U.S. industries and institutions that have been compromised. Among the cache of data stolen from United are manifests — which include information on flights’ passengers, origins and destinations — according to one person familiar with the carrier’s investigation.” states Bloomberg.
The situation is scaring, if the news is confirmed, the Chinese hackers can cross this data with records stolen from the federal personnel office discovering the movements of personnel working in defense and intelligence, including contractors that are privileged targets for cyber espionage campaign. The situation is worse if we consider that possibility that hackers could cross-reference the huge amount of data with stolen medical and financial records, revealing possible avenues for blackmailing or recruiting people who have security clearances.
When cyber security experts reference Chinese APT, in the majority of cases they consider these groups linked to the Government of Beijing.
Contacted for a comment, United Airlines didn’t immediately respond.
The situation is very concerning, according to a report submitted as testimony by Greg Wilshusen, director of information security issues at GAO, in a recent congressional hearing cybersecurity incidents that involved federal government have increased more than 1,000 percent since 2006.
The document reports that in the fiscal year 2014, federal agencies suffered 67,168 cyber security incidents that exposed personally identifiable information (PII), meanwhile the number of incidents in 2006 was just 5,503 (+ 1,121%).
The number of cyber attacks increased as never before as their level of sophistication, it is essential that private firms and Government agencies will increase resilience of their systems against cyber attacks.
At the time I was writing another worrying news is circulating on the web, part of a Pentagon email network taken down over suspicious activity, the US authorities are investigating on the alleged intrusion.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.