A team of hackers based in China that has been blamed for a number of high-profile cyber-attacks in the US (including attacks on American health insurers and on US military and intelligence) is now being accused of two new intrusions. On this occasion, the savvy hackers have infiltrated the systems of both the travel reservation firm Sabre and the largest airline carrier in the world, American Airlines. The hacks are part of a month-long series of penetrations that US government officials are attributing to the Chinese hackers.
Sabre, whose networks hold information on up to a billion travelers, confirmed that its systems had indeed been penetrated. American Airlines, which shares some of Sabre's systems, is still working to investigate how badly it was affected during the breach.
The second largest airline carrier in the world, United Airlines, was also thought to have been affected. However, a strong denial on its part suggests that it did not suffer the same fate, says Paul Tiao, a partner with Hunton & Williams:
‘If personal information is involved, United would have a notification obligation under 47 state laws. The other thing is, as a publicly traded company, it has SEC reporting obligations — and the SEC has been very focused on cybersecurity reporting. So if United is saying there was no hack, that’s something that should be taken seriously.’
In reality, the information stolen from American Airlines and Sabre alone is enough to cause concern. According to cyber security experts, data taken by the Chinese could be used to blackmail people for information or perhaps even to recruit new spies. Global information security researcher Bill Hagestad II commented:
‘If they correlate Office of Personnel Management data with airline manifests and medical histories, they can build a serious counterintelligence campaign against an individual or group of individuals.’
‘Any personal information can be used to conduct further intelligence-gathering operations through spearphishing and other types of social engineering attacks,’ added Paul Tiao from Hunton & Williams.
It is for these reasons that the hacks are considered highly worrying. The stolen data could allow the Chinese to analyze the travel itineraries of important US government and military personnel. American Airlines (and United Airlines) are responsible for most of the US government’s biggest airline contracts, which means that they hold the keys to a treasure trove of information on the travel schedules of high-ranking US officials.
The CEO of Secure Channels, Richard Blech, is sure that the Chinese are being driven by the goal of cross-referencing. Big data, he says, is the key to understanding this drawn-out series of coordinated Chinese attacks:
‘The more data you can gather, the more you can do with it,’ he said. ‘They’ve got computer systems that will crunch all the data they steal, and they’ll get the value they need to get out of it.’
The good news is that Sabre is not reporting a loss of credit card information:
‘We are not aware that this incident has compromised sensitive protected information, such as credit card data or personally identifiable information, but our investigation is ongoing.’
Taking into account the number of airline and hotel bookings that the firm handles, this can only be considered a minor miracle, especially when put into perspective by the cyber attack that occurred across the pond last week, when 90,000 credit card details were stolen in a hack of mobile phone company the Carphone Warehouse in the UK. Small mercies indeed.
So far American Airlines has been unable to confirm exactly how it was affected. Its spokesman Casey Norton has commented that ‘we are working closely with our partners to further investigate,’ adding that American Airlines will go ‘above and beyond any notification requirements’ to get to the bottom of it.
Certainly, these latest attacks are beginning to show the extent of the damage being done at the hands of these Chinese hackers. To date, the personal information of 21 million people has been stolen from the Office of Personnel Management (which houses sensitive information on federal employees and cohabitants, including social security numbers, residency, health records and financial history). Add to that the medical records that were taken from Anthem, and the 4.5 million stolen last year in Tennessee, and you start to get the picture.
With security experts also blaming ten more breaches on these Chinese hackers since 2013, the big question on everyone’s lips is: just where will it all end?
‘The Chinese are what I would call the bullies of cyberspace: Everybody knows what they’re doing, but nobody can stop them.’