AerCap Holdings, the Irish aviation giant and one of the world’s largest owners of commercial aircraft, announced on January 17, 2024 a significant cybersecurity incident involving ransomware. The attack placed AerCap among several aviation organizations targeted in the recent wave of cyber threats.
The ransomware incident, which was immediately reported to the US Securities and Exchange Commission (SEC), did not result in financial loss to AerCap at the time of announcement. AerCap has taken control of its IT systems and is working closely with cyber security experts to investigate the breach. The company also reported this to the law enforcement agencies.
The AerCap breach is the latest in a series of ransomware attacks to hit the airline industry in 2023. Previous attacks have affected major players such as Air Canada and Kenya Airways, while ransomware groups such as BianLian, LockBit and Ransomexx have claimed responsibility. These incidents highlight the growing threat of cyber attacks in the sector.
Despite the attack, AerCap’s financial health appears sound, with sales exceeding $7 billion over the past two years, a marked increase over previous years. However, the full financial implications of the attack and potential data leaks are still being investigated. AerCap’s client list reads like a who’s who of the aviation world, including Delta, United, British Airways, Lufthansa, Air France, Qatar Airways and Air Asia.
While AerCap has not determined how its data may have been compromised, the investigation is ongoing. Also, no ransomware group has claimed responsibility at this stage. AerCap’s proactive response underscores the critical importance of cybersecurity measures in the aviation industry. As airlines and leasing companies prepare for potential future attacks, the AerCap incident serves as a stark reminder of the constant threats facing global aviation.