Fri, Jan 26, 2024
Aircraft Lessor Hit with 1-Terabyte Hack from 'Slug' Group
AerCap confirmed a ransomware attack in a filing with the US Securities and Exchange Commission, stating that the firm was robbed of 1 terabyte of data by the "Slug" group.
The group has threatened to slowly trickle out releases of the data unless AerCap pays their ransom, setting a 2-week deadline to begin paying. The leak plans appear to have 5 gigabytes published after 3 days of non-payment, 30 gigs after a week, with the rest of the data published at the end of the 2-week term. No indication has been given of how much the ransom sits at.
Slug seemed like a small-timer at first, with only the AerCap caper to their hame,but things have a way of moving quickly in the ransomware space. Unlike the usual method of exploiting weaknesses and encrypting the data and systems of a target, Slug opted for a less invasive and hands-off method. They merely copied internal AerCap data without encrypting anything, allowing the firm to continue on with business as usual. (By ransomware standards, it's a courtesy, though the extortion angle mitigates the kindness quite a bit.) The only drive to enforce ransom payment is the fear of public disclosure of their internal documentation. The company hasn't been too noisy about the hack, and their tone so far appears nonplussed about the whole affair.
In their Form K-6 to the SEC, AerCap gave a brief overview of the event. "On January 17, 2024, we experienced a cybersecurity incident related to ransomware. We promptly took steps to investigate with the support of third-party cybersecurity experts and notified law enforcement. We have full control of all of our IT systems and to date, we have suffered no financial loss related to this incident. Our investigation into this incident, including the extent to which data may have been exfiltrated or otherwise impacted, remains ongoing."
More News
"To advance autonomous flight systems, our focus remains on automating pilot skills that enhance efficiency but most importantly, prioritize safety at every stage. Progressing thes>[...]
Aero Linx: MC-12W Liberty The MC-12W is a medium-to low-altitude, twin-engine turboprop aircraft. Its primary mission is providing intelligence, surveillance and reconnaissance sup>[...]
Airport Taxi Charts Designed to expedite the efficient and safe flow of ground traffic at an airport. These charts are identified by the official airport name; e.g., Ronald Reagan >[...]
Pilot’s Failure To Engage The Turbocharger For Takeoff And His Improper Decision To Continue The Takeoff... Analysis: The owner recently purchased the experimental amateur-bu>[...]
Also: NATA CEO In Legal Dilemma, WestJet Encore Settle, Drone Bill H.R. 8416, USN Jet Trainer GAMA released their 1Q/24 GA Aircraft Shipment and Billing Report -- with mostly mixed>[...]