(Montreal) Documents related to a military reconnaissance aircraft using Bombardier’s global aircraft platform appear to have fallen into the hands of hackers behind a recent cyber attack by the Quebec company.
This information, obtained through various media and published online, indicates that the technical details, supplier names and other personal information of the Global Eye System developed by the Swedish company Saab have been compromised.
“Because our documents are confidential and belong to our customers, we will not comment on them, especially if they contain specific information,” Bombardier spokesman Mark Masluch said in a telephone interview Wednesday.
On Tuesday, the Quebec aircraft manufacturer revealed that the object of the cyber attack was “recent”, stressing that the consequences were “limited” and that information from employees – 130 people in Costa Rica – was compromised by customers and suppliers.
No further details were given.
So far, three global 6000 business jets – in their original configuration that can travel over 11,000 kilometers – have been delivered to SAB by airborne remote surveillance system for a modified Global Eye program for specific missions. Saab specifically installed a radar system in the aircraft, which is estimated to be capable of detecting more than 600 kilometers.
“I can reiterate that we have retained the services of experts […] And the nature of the attack is limited to the server used to transfer the files, ”Mr. Masluch explained.
Saab said in an email statement Wednesday afternoon that he was aware of the documents being released online. The company said it had “nothing to add” in the case.
When asked if the Bombardier had negotiated with those responsible for the cyber-attack or if there were any exchanges yet, Mr Masluch replied that he was working with “requested authorities”, including Canada, because it was a “criminal act”.
When it was announced that Saab had selected one of its aircraft in 2018, Bombardier explained that Global’s reforms had carried out “thousands of missions over 10 years” with “top military clients”. The company says the aircraft in this family will stand out for their speed and “low maintenance costs”.
Bombardier was targeted by a cyber attack while using a file transfer application developed by Axelian. The company said manufacturing and customer support activities were “not affected or disrupted”. She emphasized that the incident was only relevant to servers “separated from the main network”.
Over the past few weeks, many companies and organizations have confirmed that some of their data has been compromised due to vulnerability in the Axelian application. The list includes the Reserve Bank of New Zealand and the Australian Stock Exchange Constable.
Mourad Debbie, a professor and cybersecurity expert at Concordia University, did not treat Bombardier so harshly, but the incident did not deter him from raising concerns once again. Cybersecurity issues.
“Users of IT products need to make sure that what is installed on their network is secure,” he explained in a telephone interview. The problem is not with them (Bombardier). This organization, Axelian, must have done extra work to identify and address these vulnerabilities. ”
Several stolen information was found on a site deployed a year ago in an attempt to force the hand of entities who refused to pay when data was stolen using Clap ransomware. The group behind the initiative was able to hack the Axelian app.
Shares of Bombardier Class B rose 59 cents, 3 cents, or 5.3%, on the Toronto Stock Exchange on Wednesday afternoon.