Mike Tyson famously quipped, "Everyone has a plan until they get punched in the mouth," highlighting the stark difference between theory and reality. This rings especially true in today's digital battleground, where companies are learning the hard way. The surge in cyberattacks isn't just a fleeting concern; it's a knock-out blow to unprepared systems. According to the Hiscox Cyber Readiness Report, over half of the 5,000+ companies surveyed in 2023 have already felt this punch, facing one or more cyber incidents this year.

Such high-profile breaches in critical industries like aerospace and defense underscore a grim reality: Cyber threats are evolving faster than many can adapt, making them a significant financial and operational risk for multinational corporations. It's a trend that demands urgent attention and a robust defense strategy. Companies are now looking for ways to bolster their cybersecurity defenses to not just anticipate the punch but effectively counter it.

How this plays out

Ransomware attacks are now commonplace, with companies reporting a roughly 45% rise in incidents year-over year. The U.S. is a hotbed for such attacks. This escalation is taking place as groups that were once considered rogue elements seeking to make a political point or simply cause chaos blossom into professional organizations, employing actual account managers to help masterminds manage a list of ransomware service offerings that can make criminal activity a smoother experience. 

A graph of a number of data

Description automatically generated

A green circle with grey and black text

Description automatically generated

This trend is no laughing matter. Take the case of Boeing: in early October, the U.S. aerospace giant fell victim to the cybercrime gang, LockBit. The hackers reportedly stole ~45 GB of sensitive data from Boeing, much of which was leaked online. The attack also took down portions of Boeing’s Global Services website for several weeks.

Scandinavian Airline (SAS), meanwhile, suffered the misfortune of a boomerang attack. The first occurred in February, the next came in May. So-called hacktivists launched a distributed denial-of-service (DDoS) attack, paralyzing SAS’s website and exposing some customer information online.

In another recent incident, SpaceX supplier Maximum Industries was targeted, resulting in portions of the Raptor V2 engine schematics being leaked online. SpaceX was the ultimate target of this attack, as the perpetrators leveled their ransom demands directly at SpaceX founder, Elon Musk.

Why does this matter?

Boeing, SAS, and SpaceX weren’t unaware of cyber threats. Each company is important to national interests, geopolitical stability, and the global economy. Yet, in the end, each was vulnerable, regardless of the plans they had in place.

Successful cyberattacks harm corporate reputations, erode the public’s trust, and embolden criminals to take further shots at high-profile companies. These incidents carry real consequences: compromising sensitive data, enabling financial fraud, disrupting revenue streams, and – in SpaceX’s case – weakening the security of the space value chain. 

As a result, there is a heightened awareness of the growing U.S. economic and national security reliance on its aerospace, airline, and defense industries as critical infrastructure. Various agencies are taking action, examples include: 

  1. The Federal Aviation Administration (FAA) enforces strict cybersecurity standards for system updates.
  2. The U.S. Space Command is looking to partner with the non-profit Space Information Sharing and Analysis Center (Space ISAC) to become more proactive against threats to both private and public entities. 
  3. The Cybersecurity and Infrastructure Security Agency (CISA) has outlined 16 critical infrastructure components, including the defense industrial base, government facilities, and information technology, all of whom share the common attribute of being targeted by these types of attacks. A proposal is now on the table to name the space industry as a 17th “critical infrastructure sector­.”

Taking action

Computers, phones, and tablets – whether personal or work-issued – offer multiple access points into company systems. Each of these access points, designed to help maximize employee productivity, creates another potential weakness in a company’s cyber defenses. 

Organizations' cybersecurity policies must evolve as attacks become more sophisticated and brazen. This requires consistent analysis and monitoring of events across the globe in various industries and government organizations. It also increases the urgency to implement robust, multi-layered defense strategies, from rapid patching and analysis of platforms to enforced device reboots for updates, along with ongoing user education through regular training and ad hoc testing. 

Cybersecurity will remain a challenge for all companies as they are forced to defend against current threats, while safeguarding their futures against rapidly evolving dangers. The more agile an organization is, the better prepared it will be. 

AlixPartners offers specialized cybersecurity solutions tailored to the aerospace and defense industry, including rapid diagnostics, QuickStrike® capabilities, product security risk evaluations, industry-specific regulatory and compliance reviews, security and privacy strategy and design, comprehensive penetration testing, and more to enhance organizational resilience against cyber threats. 

During an era in which cyber threats are ubiquitous, reinforcing cybersecurity measures is not just a corporate responsibility. It is a critical aspect of national security and industry integrity. At AlixPartners, we are committed to partnering with organizations in the aerospace and defense sector to fortify their defenses, ensure the safety of their operations, and maintain trust in their organizations.