Report: United Airlines Breached By China-Based Hackers
United Airlines has reportedly become the latest target of a state-sponsored hacker as attacks extend beyond inter-state squabbles and toward the enterprise.
The airline detected an intrusion in May or early June and further investigation linked the attack to China-based hackers, according to a Bloomberg report Wednesday that cited sources with knowledge of the investigation. The report said hackers accessed airline records, including flight passenger information, origins and destinations. The report did not say how many records were accessed or whether passenger personal information was accessed.
The reported breach comes on the heels of an apparently unrelated computer glitch earlier this month that grounded flights across the country for over an hour.
United Airlines denied the breach in a statement to CRN:
"These reports are based on pure speculation, and we can assure our customers that their personal information is secure. We remain vigilant in protecting against unauthorized access and use top advisors and best practices on cyber-security to maintain our effectiveness," a spokesperson for the company said in an email.
The report said the China-based hackers were the same group that targeted the Office of Personnel Management earlier this year, causing one of the largest breaches in history.
United Airlines, as the second-largest airline, poses a tantalizing target for hackers looking to harvest a vast collection of information, according to Jeff Schmidt, CEO and founder of JAS Global Advisors, a Chicago-based high-end security consulting firm focusing on the financial and government verticals. However, Schmidt said, it is important to note that there are multiple China-based hacking groups that don't share information.
While most of the attention for data breaches focuses on hackers who target specific information for immediate financial gain, Schmidt said harvesting is a common hacker technique in state-sponsored attacks as it allows them to build a comprehensive user profile for future use.
"Foreign intelligence services and other intelligence services are very good at this broad harvesting of information, not knowing exactly when and where it will be used for, then using it and presenting it where they can," Schmidt said. "With the United data, ... you could learn what meetings and what conferences people are going to, who is traveling together. There's all sorts of data mining that we could do from that data. ... You can certainly start to tell an interesting story with people."
In the last ten years or so, Schmidt said many state-sponsored hackers have been expanding their attack reach from government peers to enterprises, a trend echoed by this most recent alleged United breach.
"Everybody's targeting everybody," Schmidt said. "There are other countries, most notably China, that do not have those limitations. You may have an officially sponsored [group], or these passively sponsored groups that are acting with some sense of government approval or overview or supervision, but are committing these acts purely for commercial benefit."
For companies, that means the excuse of "why would anybody be interested in me?" no longer applies, Schmidt said. That's a challenge for many companies, especially SMBs, which have to balance smaller security budgets with the potential threat from extremely large, sophisticated state-sponsored attackers, he said.
"People know that there is [a growing problem], and the issue is that they need to do something, but knowing how to proportion their spending and attention to defend against the right and most probable adversary is a real challenge," Schmidt said.
That's a trend that companies of all sizes will have to address, he said, as he predicts United won't be the last company to make headlines for a state-sponsored data breach.
"This sort of thing is absolutely going to continue. There's absolutely no doubt in my mind -- there's just too much data out there," Schmidt said.
PUBLISHED JULY 29, 2015