AerCap, a major global aviation leasing company, has been targeted by ransomware, becoming the fourth aviation industry firm to face such an attack in the last six months. The Dublin-based company, considered one of the world’s largest commercial aircraft owners, disclosed the cybersecurity incident in a filing with the US Securities and Exchange Commission (SEC). The attack occurred on January 17, 2024, and while AerCap asserts full control over its IT systems with no reported financial losses, the extent of potential data impact remains unknown, prompting an ongoing investigation involving third-party cybersecurity experts and law enforcement notification. The incident follows a series of cyberattacks on the aviation sector in 2023, including those on Air Canada, Boeing, and Japan Aviation Electronics.
AerCap, with an annual revenue exceeding $7 billion in 2022 and 2023, has taken immediate steps to address the ransomware incident, including launching an investigation and engaging external cybersecurity experts. The company emphasized its commitment to maintaining control over its IT systems and reported no financial losses incurred thus far. Despite the uncertain impact on data, AerCap remains vigilant in assessing the situation. Notably, the aviation sector has witnessed multiple cyberattacks, with Air Canada and Kenya Airways, both leasing customers of AerCap, experiencing breaches in 2023.
The cybersecurity landscape in the aviation industry continues to raise concerns as prominent carriers worldwide, including Delta, United, British Airways, Lufthansa, Air France, Qatar, and Air Asia, are serviced by AerCap. The industry faces persistent threats from ransomware groups, as illustrated by the recent attacks on Air Canada, Boeing, and Japan Aviation Electronics. As the investigation into AerCap’s incident unfolds, the global aviation sector grapples with the evolving challenges of cybersecurity in an increasingly interconnected and digitally reliant landscape.
