Hackers leaked the secret details of a Swedish/Canadian GlobalEye airborne early warning and control aircraft after its manufacturers seemingly manufacturer Bombardier refused to pay a cyber ransom.
Canadian business jet manufacturer Bombardier, whose Global 6000 jet is used for Saab’s GlobalEye spy plane system, announced that it recently suffered ‘a limited cybersecurity breach.’
Hackers reportedly noticed a zero day exploit in the Accellion FTA web server software, which is used “by companies to host and share large files that can’t be sent via email to customers and employees,” according to ZDNet.
Hackers then posted the Globaleye information to the dark web site “CLOP^_-LEAKS,” where the Clop ransomware gang uploads the data of companies that fail to pay the ransom.
The CLOP website was launched in March 2020 to publish data stolen from groups or companies that refuse to pay a ransom, according to cyber-security firm Cyware.
The leak posted to the darkweb site CL0P^_- LEAKS, appears to show specifications and mechanics for the GlobalEye airborne early warning and control platform developed by the Swedish defense company Saab.
The leak also included confidential information about customers, suppliers and employees.
‘Forensic analysis revealed that personal and other confidential information relating to employees, customers, and suppliers was compromised,’ the company said in its statement.
In its press release, Bombardier did not directly comment on the Clop’s leak of the plane schematics.
Information posted to the Clop site indicate a number of corporate documents, including flight test reports and parts schematics, were stolen.
‘The ongoing investigation indicates that the unauthorized access was limited solely to data stored on the specific servers. Manufacturing and customer support operations have not been impacted or interrupted,’ according to the release.
Bombardier said about 130 employees located in Costa Rica were impacted by the hack and the company has been contacting stakeholders including customers and employees whose data was potentially compromised.
GlobalEye is ‘a surveillance solution that ensures quick and accurate coverage of vast distances of air, sea or land, with the ability to switch between surveillance areas in an instant.’ according to Saab’s website.
Countries currently using Saab’s GlobalEye AEW&C plane include Mexico, Brazil, Greece, Pakistan, Thailand, the United Arab Emirates and Sweden, according to a press release from the company.
Globaleye is comparable to the United States Air Force’s E-2 Sentry airborne control and warning aircraft. This means that Canada also heavily relies on this plane.
Since the aircraft is important to the Canadian Air Force, this means that the hack is currently a serious one.