Brazilian airplane maker Embraer, which is the third-largest company after Boeing and Airbus, has become a victim of a data-breaching ransomware attack.
The attackers have uploaded the stolen data, which includes business contracts and employee information, on the Dark Web. They also published source code and photos of flight simulations.
Researchers believe the website leaking the data is managed by a criminal organization that operates a ransomware called RansomExx, part of the Defray ransomware family.
Embraer admitted to the data breach in a press release, stating that attackers breached their IT systems on November 25. According to the company, only a “single environment” was impacted, causing a temporary impact on the company’s operations.
It’s noteworthy to mention that earlier this year, in an attempt to diversify its business, Embraer Defense & Security invested in two cybersecurity companies, Kryptos and Tempest Security.
Second European Aerospace Company Hit with Ransomware
In early December 2020, Switzerland-based helicopter maker Kopter was also hit with a ransomware attack. Attackers broke into the company’s internal network, encrypting files and exfiltrating sensitive information.
Following Koper’s refusal to pay a ransom, some of the company’s stolen information was published online.
The ransomware infection was later identified as LockBit ransomware, which reportedly infiltrated Koper’s networks by exploiting a VPN appliance that used a weak password and lacked two-factor authentication (2FA) mechanism.
Koper has yet to disclose the cybersecurity breach to the public.
Leave a Reply
Thank you for your response.
Please verify that you are not a robot.