Life’s a breach: Reported attack on United Airlines shows everyone has …

30 Jul 2015 | Author: | No comments yet »

Chinese Hackers Also Hit United Airlines, Stole Travel Information.

United Airlines, the world’s second-largest airline by seat capacity, was the target of a group of Chinese hackers who were behind one of the largest breaches of government data in U.S. history.The hackers who stole data on tens of millions of US insurance holders and government employees in recent months breached another big target at around the same time — United Airlines.United Airlines has announced a penetration of its computer security in May and June, with investigators saying it was most likely the same Chinese squad that carried out the “cyber Pearl Harbor” attack on the Office of Personnel Management, along with an operation against health insurance company Anthem. The world’s second-largest airline detected an intrusion into its computer systems early this summer, Bloomberg reported in a story citing unnamed officials familiar with the investigation.

It included flight manifests, which would have given the hackers access to information about what passengers were on which planes and where they were coming from and going to, Bloomberg reported. “These reports are based on pure speculation, and we can assure our customers that their personal information is secure. Among the data stolen from United are manifests that contain information on flights’ passengers and their movements across the world, added Bloomberg. The hackers are also said to be responsible for the breach that took place against insurance provider Anthem, ultimately leaving them with a massive amount of data on both government workers and insured Americans alike. Bloomberg Business notes this data theft is eerily compatible with the OPM heist: “It’s increasingly clear, security experts say, that China’s intelligence apparatus is amassing a vast database. We remain vigilant in protecting against unauthorized access and use top advisors and best practices on cyber-security to maintain our effectiveness,” spokesman Luke Punzenberger said in an email.

According to multiple sources, United Airlines spotted a breach in its computer system in May or June, and the resulting investigation found the China-based hackers were responsible. Files stolen from the federal personnel office by this one China-based group could allow the hackers to identify Americans who work in defense and intelligence, including those on the payrolls of contractors… That data could be cross-referenced with stolen medical and financial records, revealing possible avenues for blackmailing or recruiting people who have security clearances.” The article reveals that investigators studying the methods used by the thieves who penetrated OPM had already compiled a list of possible additional targets, based on information distilled from their hacking tools, and included United Airlines on that list. In terms of the latter, it emerged back in February that hackers successfully stole information on 78.8 million current and former customers and employees at the health insurance giant. The information comes from Bloomberg, which reports that it got word from “several” knowledgeable sources, three of whom relayed information about the results of the investigation. In light of the national security aspect of the attack, some are calling for United to be transparent as to the attack vector, in order to raise all boats—or planes, as it were. “As is often the case early in a breach investigation, details on exactly how the attackers succeeded in penetrating United Airlines systems is unclear.

The theft of airline information could be used to cross-check travel patterns for government and military officials, providing more clarity on the dealings of top American government staff members. While the United States has declined to point fingers at China, Director of National Intelligence James Clapper has called China the “leading suspect” in the OPM hacks. What, precisely, China plans to do with this bizarrely detailed model of American citizens remains to be seen, but investigators suspect their database is now augmented with a great deal of information about their travel arrangements.

It will likely be months before we know more, but it’s imperative that details are shared with other organizations so that we can collectively improve defenses,” Erlin said. “As we’ve seen with other breaches, attackers are often resident inside an organization’s network for months before being detected. The China-backed team of hackers are said to have hit at least 10 companies and organizations, according to security firm FireEye. “You’re suspicious of some guy; you happen to notice that he flew to Papua New Guinea on June 23 and now you can see that the Americans have flown there on June 22 or 23,” James Lewis, a senior fellow in cybersecurity at the Center for Strategic and International Studies in Washington, told Bloomberg. “If you’re China, you’re looking for those things that will give you a better picture of what the other side is up to.” This comes after news that United UAL -2.07% had awarded two hackers one million free frequent flyer miles each as “bug bounties” for helping to flag security flaws in their system.

At least ten companies have fallen victim to the hackers, and the data gathered could be, says the sources, used to fish for info on recruiting US workers with security clearances, among other things. Business Insider relates theories that China is mapping out American business and government organizations to develop “infrastructure-killing cyber weapons.” The OPM breach made it clear the hackers were particularly interested in U.S. government employees. The hackers appear to be targeting large caches of personal information to build a massive database of Americans’ personal information, according to some experts. There is also some speculation that Chinese attacks on United’s computer systems might have been responsible for recent computer faults that interfered with air travel and left thousands of passengers facing delayed flights—a possibility energetically dismissed by airline and government officials at the time, as they hastened to assure the public that hacker mischief was not responsible for those computer faults. If a group closely connected to the Chinese government was behind a breach at United, there are a number of ways that they could use that data, said Paul Tiao, a partner at law firm Hunton & Williams and former senior counselor for cybersecurity and technology to the FBI director.

Some have expressed concern that such cyberattacks against airlines could be the cause of these disruptions, but two more sources cropped up to say that United hasn’t found a link between the July 8 tech problems and the hack. News of this penetration is dismaying for United, which has been working to upgrade its electronic infrastructure for some time, due to both booking service interruptions and previous hacker raids. Two additional people close to the probe, who like the others asked not to be identified when discussing the investigation, say the carrier has found no connection between the hack and a July 8 systems failure that halted flights for two hours. Chinese hacking groups are thought to be particularly effective at moving from one network to another once they’ve found a way into a target’s systems. And if hackers compromised United and were able to move from systems that handle things like flight records to networks that actually help keep planes up and running, that may put them in a position to be very disruptive, Tiao said.

Zhu Haiquan, a spokesman for the Chinese embassy in Washington, said in a statement: ‘‘The Chinese government and the personnel in its institutions never engage in any form of cyberattack. We firmly oppose and combat any forms of cyberattacks.’’ United may have gotten help identifying the breach from US investigators working on the OPM hack. A report last year from the Senate Armed Services Committee documented at least 50 successful hacks of the command’s contractors from June 2012 through May 2013. The theft by hackers of corporate secrets usually goes unreported, while the stealing of customer records such as Social Security numbers and credit cards is required in most states. ‘‘In most states, this is not going to trigger a notification,’’ said Srini Subramanian, state government leader for Deloitte cyber risk services.

Here you can write a commentary on the recording "Life’s a breach: Reported attack on United Airlines shows everyone has …".

* Required fields
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site