Global airline network impacted by supply chain attack

Edward Kost
Edward Kost
March 8, 2021

SITA, an IT systems vendor for 90% of the global aviation industry, has been used as an instrument for a sophisticated international supply chain attack.

Like all supply chain attacks, the impact of this breach is likely to be proportional to the compromised vendor’s partner network, which isn’t good news for SITA.

SITA’s client base of over 400 airlines includes prestigious names like Qantas Airways, Qatar Airways, Pacific Airlines, American Airlines, NASA, Japan Airlines, United Airways, Emirates, and British Airways just to name a few. 

Potential victims are currently assessing their systems for evidence of compromise, but Singapore Airlines has already announced that around 580,000 of its customers have been impacted by this breach.

That’s over half a million customers impacted through a single partner -  SITA has over 400 of them.

SITA said in their statement, that the breached data was located in U.S servers and that the data involved passenger information.

“SITA confirms that it was the victim of a cyber-attack, leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc. servers. Passenger Service System (US) Inc. (“SITA PSS”) operates passenger processing systems for airlines.” SITA said in their statement.

Supply chain attacks of this magnitude are not easy.

First, malicious code needs to be injected into a heavily guarded ecosystem. Then, the code needs to hide behind legitimate processes to prevent detection. Finally, a backdoor needs to be established to clandestinely exfiltrate all sensitive data.

To motivate such a highly complex operation, the bounty needs to be valuable, and in SITA’s case, it definitely was. 

The SITA Passenger Service System (PSS) stores highly sensitive customer information including names addresses and passport data.

Because the SITA PSS ensures each airline can recognize the frequent flyer benefits of other airlines, the database was also storing alliance member data in addition to its customer data.

This attack further injures an industry already heavily wounded by Covid-19. 

Global flight frequency change dropped to -43% YoY in January 2021, and this trend is unlikely to aggressively invert anytime soon. Continuous mutations in the Covid-19 strain make the road to recovery long and its horizons misty.

YoY change of weekly global flight frequency- Source: Statista

Businesses currently experiencing a downturn are focused on survival and not cybersecurity. Cybercriminals know this and intentionally target such businesses while their backs are turned. 

Every industry, especially those experiencing a downturn, needs to start monitoring its vendor network for security vulnerabilities that could be exploited in a supply chain attack.

How secure is SITA?

SITA is a multinational information technology company providing IT and telecommunication services to the air transport industry.
  • Check icon
    View our free preliminary report on SITA’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
Security ratings
Abstract shape
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating