Rawpixel.com - Fotolia

Singapore Airlines the latest victim of supply chain attack

A restricted set of data of over 580,000 frequent flyer members of Singapore Airlines was exposed in a supply chain attack against Sita’s passenger service system

Singapore Airlines (SIA) has become the latest victim of a supply chain attack against the passenger service system of Sita, a supplier of IT systems for the airline industry.

SIA, a Star Alliance member airline, provides a restricted set of frequent flyer programme data to the alliance, which is then sent to other member airlines to reside in their respective passenger service systems.

This data transfer is necessary to enable verification of a customer’s membership tier status, and to accord to member airlines’ customers the relevant benefits while travelling. 

While SIA is not a customer of the Sita passenger service system, one of the Star Alliance member airlines is, exposing the frequent flyer programme data of all 26 member airlines, including Singapore Airlines.

SIA said around 580,000 KrisFlyer and its top-tier Priority Passenger Service (PPS) members have been affected by the Sita breach. The information involved is limited to the membership number and tier status and, in some cases, membership name.

The airline said this data breach did not involve KrisFlyer and PPS member passwords, credit card information, and other customer data such as itineraries, reservations, ticketing, passport numbers, and email addresses, as SIA did not share this information with other Star Alliance member airlines.

It stressed that that none of its IT systems had been affected by this incident and is currently reaching out to all KrisFlyer and PPS members to inform them about this incident.

Read more about cyber security in APAC 

Besides SIA, Malaysia Airlines, Finland’s Finnair and South Korea’s Jeju Air were reportedly affected by the attack, which Sita said was the work of highly sophisticated threat actors.

In a statement, Sita said it acted swiftly and initiated targeted containment measures. “The matter remains under continued investigation by Sita’s security incident response team with the support of leading external experts in cyber security,” it added.

Supply chain vulnerabilities have come under the spotlight in the aftermath of the attack on SolarWinds’ network management software which many large enterprises and governments rely on.

“Complex global supply chains offer those with criminal intent many points of vulnerability that may be tested in the pursuit of compromising system,” said Sanjay Aurora, managing director of APAC at Darktrace.

“These attacks are virtually impossible to detect with standard security tools and procedures because the malicious software is packaged as legitimate, within your own laptop or software you have typically relied on, and delivered into the heart of your organisation by trusted suppliers,” he said.

Against this growing threat landscape, Aurora said the challenge that businesses must face urgently is not an audit of all their suppliers but how to manage the pervasive risk that suppliers from all over the world bring.

“That’s why a growing number of companies today are adopting a zero-trust policy when it comes to both their internal environment and supply chain, relying on cutting-edge technology like artificial intelligence to identify and stop cyber attacks wherever they emerge,” he added.

Read more on Data breach incident management and recovery