Cyber incident at Boeing subsidiary causes flight planning disruptions

Jeppesen, a wholly-owned Boeing subsidiary that provides navigation and flight planning tools, confirmed on Thursday that it is dealing with a cybersecurity incident that has caused some flight disruptions.

A red banner was added to the company’s website on Wednesday, warning that the Colorado-based firm was experiencing “technical issues with some of our products, services and communication channels.”

A spokesperson for Boeing told The Record that the issue was a cybersecurity incident, and the company is still working to restore services.

“Our subsidiary, Jeppesen, experienced a cyber incident affecting certain flight planning products and services. There has been some flight planning disruption, but at this time we have no reason to believe that this incident poses a threat to aircraft or flight safety,” the spokesperson said. “We are in communication with customers and regulatory authorities, and working to restore full service as soon as possible.”

Although the extent of the disruptions are unclear, the incident is at least impacting the receipt and processing of current and new Notice to Air Missions (NOTAMs) — an industry term for notices filed with aviation authorities to alert pilots of potential hazards along a flight route.

Matthew Klint, who runs the Live And Let's Fly travel blog, reported that the incident was believed to be ransomware. The Boeing spokesperson was not able to confirm to The Record that it was ransomware related at the time of publication, saying that it was “still an active situation.”

The aviation industry is regularly targeted by cyberattacks, including ransomware. In May, India's SpiceJet airline reported it was hit with ransomware, leaving hundreds of passengers stranded at airports due to flight groundings. Accelya, a technology provided for many large airlines, said in August that it experienced a ransomware attack tied to the BlackCat group. Last August, Bangkok Airways said that hackers stole passenger information during a security breach following a ransomware incident.

Boeing itself was reportedly hit by the widespread WannaCry virus in 2018, though it was able to recover quickly. “The vulnerability was limited to a few machines,” a spokesperson told The Seattle Times. “We deployed software patches. There was no interruption to the 777 jet program or any of our programs.”

In recent months, the Transportation Security Administration (TSA) has sought to mandate that all cybersecurity incidents experienced by aviation firms are reported to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours.