Posted on December 7, 2020 at 12:02 PM
Barely a few days after the details of helicopter maker Kopter was leaked, another airplane maker has suffered the same fate. The third-largest airplane maker in the world, Embraer, was recently hacked and some leaked data have been exposed online as well.
According to the report, the hacking incident involved a ransomware attack, but it’s not clear whether those responsible have contacted the Airplane maker to demand a ransom.
Embraer manufactures agricultural, military, executive, and commercial aircraft. According to the company’s website, Embraer is the third-largest manufacturer of commercial jets, with over 8,000 airplanes manufactured and sold to date.
The company has also released a press statement about the hacking incident. According to the company’s statement, some hackers breached its IT systems on November 25. Embraer also shared some details about the hacking incident but didn’t divulge any sensitive information that may hinder the investigation.
The airplane manufacturer revealed that its “Single Environment” files became inaccessible because of the hacking incident.
Once the attack was discovered, Embraer said it immediately started an incident response procedure to find out more about the attack and mitigate the resultant effect as much as possible.
Embraer Bringing Its Operation Back To Full Capacity
The company also isolated some systems to protect other unaffected files, which has caused disruptions to some operations.
However, the company says it’s using contingency systems to stay operational. Executive VP of Finance and investor relations at Embraer Antonio Carlos, commented on the hacking incident. He says the company is making concerted efforts to completely normalize its operations.
“The Company continues to operate with the use of contingency systems, with no material impact to its activities,” Carlos stated.
The company is also investigating the incident to find out the level of damages on its systems ad third parties.
Carlos also reiterated that the airplane manufacturer will be defining measures to bring its entire operation back to full capacity.
Local news reported about the incident and revealed the attack involved a piece of ransomware. According to the news report, the incident prevented access to the firm’s systems, particularly for employees who are working from home. From the report, it seems the hackers targeted employees who are working from home and had the chance to breach the company’s systems through this medium.
Embraer has never been shy to invest in security systems and beef up its security network. Earlier this year, the security branch of the company contracted two top cybersecurity firms – Kryptus and Tempest Security Intelligence – in an attempt to fortify its security infrastructure.
The company has a large share of the airline manufacturing space and is considered the third largest in terms of operational capacity, only behind Boeing and Airbus.
Hacked Files Exposed on the Dark Net
Today, the threat actors who perpetrated the act have exposed some of the stolen files on the net. It seems they decided to expose the private files of the company after the company refused to negotiate with them for ransom payments.
After receiving ransom demands from the threat actors, the company decided to repair its system using backup files.
The hacker shared the Embraer on the dark web, which is managed by the Defray777 (also RansomExx) ransomware group.
Data uploaded on the dark net site include a source code, photos of flight simulations, business contacts, as well as employee details.
When an Embraer spokesperson was contacted for a further response on the incident, he didn’t return a request for comment.
Embraer was not the only company that had their data exposed on the darknet over the weekend. The RansomExx site was launched on Saturday and it has already exposed data from three companies that were previously attacked.
The Ransomware gang use the newly launched leak sites to pressure victims during negociations for ransom payments. Once the negotiations don’t go smoothly and the victim fails to pay, the group normally releases details of the hacked data on their site, as was the case with helicopter manufacturer Kopter.