EXECUTIVE SUMMARY:

A series of international airlines have been affected by a serious supply chain attack. The scope of the attack is concerning. Details are still emerging.

In the past year, broadly speaking, the aviation industry has seen a sharp spike in cyber attacks. Aviation groups represent appealing targets due to the troves of personal information in their possession.

What we know

The breach exposed data belonging to more than 500,000 frequent-flyer program members. The data may include names, frequent-flyer number, status and tier level.

“Loyalty data can be easily monetized”, says security expert Andrew Barratt. It’s no surprise that hackers want to sell this information on the dark web.

Let’s lock down the software supply chain

Securing the supply chain is a must. Nearly 40% of cyber attacks are believed to originate via supply chain security loopholes.

Check out these simple steps for improved supply chain security. How does your organization stack up?

• Determine whether or not any legacy software or hardware should be sunsetted.
• Ensure software is patched in a timely manner. Unpatched software can easily compromise environments.
• Improve visibility across the network. Combine your data with thorough analysis.
• Add process gates and controls across every aspect of the development pipeline. These can assist with maintaining software integrity.
• Implement zero-trust policies and artificial intelligence-based systems, which can help prevent inbound threats.
• Ask questions and sign legal agreements with third-parties when it comes to cyber security. As the adage goes, your security is only as good as your weakest link.
• Dedicate resources to improved monitoring tools.
• Understand your supply chain at an elemental level. Determine how to trace every component to its origin.

Need information on supply chain risk management? Get insights from NIST.