Cyber Incident Victim: Boeing Digital Solutions, Inc.
Date:
Nov 2022
Location:
United States of America
Summary
A cybersecurity incident at Boeing subsidiary Jeppesen disrupted flight planning operations, causing technical issues affecting navigation products, services, and communication channels. The incident impacted the processing of critical aviation hazard notices (NOTAMs), leading to operational disruptions for customers, though the company confirmed no threat to aircraft or flight safety. While unconfirmed by Boeing, external reports suggested ransomware involvement. The organization engaged in restoration efforts and notified customers and regulators, amid broader industry trends of aviation-sector cyberattacks targeting critical infrastructure. Previous Boeing-related incidents included a limited WannaCry infection years earlier, with no production impact.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 2, 2022, Jeppesen—a Boeing subsidiary providing critical navigation and flight planning tools—confirmed it was responding to a cybersecurity incident that disrupted some operations. The company first signaled technical issues through a red banner on its website the prior day, November 1, alerting customers to problems affecting unspecified products, services, and communication channels. Boeing later clarified the event as a cybersecurity incident impacting certain Jeppesen flight planning systems, causing operational disruptions but posing no threat to aircraft or flight safety. The incident specifically impaired the receipt and processing of Notices to Air Missions (NOTAMs), essential alerts pilots rely on to identify route hazards. While the full scope of affected systems and customers remained unclear, the disruption highlighted the subsidiary’s role in global aviation logistics. Boeing initiated restoration efforts and maintained communication with customers and regulatory authorities throughout the incident.
The parent company did not publicly confirm the incident’s cause or attribution but acknowledged the active investigation. External reporting by aviation blogger Matthew Klint suggested ransomware involvement, though Boeing declined to corroborate this detail at the time of initial disclosures. The event occurred amid heightened scrutiny of aviation sector cyber risks, following ransomware attacks against airlines like SpiceJet and Accelya earlier in 2022. Boeing itself had previously encountered cyber disruptions, including a 2018 WannaCry malware infection that affected limited systems without halting production. Jeppesen’s incident underscored industry-wide vulnerabilities as the U.S. Transportation Security Administration advanced mandates requiring aviation entities to report cybersecurity incidents to CISA within 24 hours. Restoration timelines and final impact assessments were not disclosed in initial statements, though Boeing emphasized ongoing efforts to resume full service.