Aviation leasing company AerCap investigates ransomware incident
AerCap, a global company that leases aircraft, engines and helicopters, reported this week that it was responding to a ransomware attack.
In a filing on Monday with the U.S. Securities and Exchange Commission, the Ireland-based company said the impact of the January 17 incident was limited.
“We have full control of all of our IT systems and to date, we have suffered no financial loss related to this incident,” AerCap said. The company said it has more than $72 billion in aviation assets on hand, including 1,700 aircraft, approximately 1,000 engines and over 300 helicopters.
Dubai-based cybersecurity company HackManac reported that AerCap appeared to be the first target of a new cybercrime group called Slug. The group claimed it stole a terabyte of data, according to the company. Analysts at cybersecurity ZScaler noted activity by the group on the same day as the AerCap attack.
AerCap has called in third-party experts and notified law enforcement, the SEC filing said. The company has offices in the U.S., Europe, China, Singapore and Dubai.
“Our investigation into this incident, including the extent to which data may have been exfiltrated or otherwise impacted, remains ongoing,” AerCap said.
The aviation sector remains an attractive target for cybercrime groups. Boeing and Japan Aviation Electronics reported attacks in November. Airbus responded to an incident in September.
Joe Warminsky
is the news editor for Recorded Future News. He has more than 25 years experience as an editor and writer in the Washington, D.C., area. He previously he helped lead CyberScoop for more than five years. Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.