On September 1, the German Air Navigation Service (DFS) was the victim of a cyber attack targeting its internal communications system. Although air traffic was not affected and the consequences appear to be limited for the time being, this attack has highlighted a critical vulnerability. The pro-Russian hacker group APT 28, suspected of being behind the attack, is known for its cyber espionage activities, with alleged links to Russian military intelligence (GRU).

This incident highlights the need for a strict partitioning system between critical infrastructures and office systems. Such a separation would better protect vital air traffic control functions from malicious intrusion, by limiting access to sensitive systems and minimizing the risk of an attack spreading. By reinforcing these barriers, it would be possible to prevent more serious consequences, such as the disruption of air traffic or the exfiltration of sensitive data.
Credits : The computer world