Cyberespionage Targets Aviation: ICAO and ACAO Breached

Summary: The aviation sector is under increased cyber threat, illustrated by recent attacks on the International Civil Aviation Organization (ICAO) and the Arab Civil Aviation Organization (ACAO). The ICAO experienced a significant data breach involving the leak of 42,000 documents, primarily containing recruitment-related personal information. Meanwhile, the ACAO faced an attack through a SQL injection vulnerability, compromising sensitive records of aviation safety specialists.

Affected: International Civil Aviation Organization (ICAO), Arab Civil Aviation Organization (ACAO)

Keypoints :

  • ICAO confirmed a data breach involving sensitive recruitment-related information, including personal details of employees and applicants.
  • ACAO was targeted using a SQL injection attack, leading to the exfiltration of employee credentials and sensitive information on aviation safety experts.
  • The nature of these attacks suggests involvement of state-sponsored actors aiming to acquire sensitive information for espionage purposes.

Source: https://securityonline.info/cyberespionage-targets-aviation-icao-and-acao-breached/