On 8-10 August 2016, OSINT research revealed Delta Airlines had a disruption of cyber service, initially blamed on a local power outage and subsequently identified a “computer glitch” in the media. The disruption lasted over 6 hours; but caused major flight delays, loss in revenue and many angry passengers. Current cyber security experts, to include our research, theorize that a Chinese hacking from January 2016 may have been associated with cyber disruptions of American Airlines, Southwest Airlines and now Delta. Disruptions to the airline transportation industry causes serious negative effects to our American commerce and has a ripple effect to many international markets. Further research in DDoS type attacks against the airline industry is being conducted. We are providing this information for your situational awareness.
Publication date: 10 August 2016
Handling requirements: Traffic light protocol (TLP) GREEN
Attribution/Threat Actors: OSINT – Airline cyber disruptions
Actor Type: Tier II
Potential Targets: USA / International
This report was published in its entirety to the Financial Services ISAC and Red Sky Alliance portal on August 10, 2016. For more information, contact Wapack Labs at 844-4-WAPACK.