Cyber Incident Victim: Jeppesen
Date:
Nov 2022
Location:
United States of America
Summary
Jeppesen, a Boeing subsidiary that provides navigation and flight planning tools, experienced a cybersecurity incident that disrupted flight planning services and affected the receipt and processing of Notice to Air Missions. The company warned of technical issues on its website, and a Boeing spokesperson confirmed the incident was a cybersecurity event, noting no threat to aircraft safety while work continued to restore services. Although the exact nature was not confirmed, reports suggested ransomware involvement, consistent with recent cyberattacks on aviation firms such as SpiceJet, Accelya, and Bangkok Airways. Boeing itself had previously encountered the WannaCry virus, prompting patches without production interruption.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Wednesday, November 2, 2022, Jeppesen added a red banner to its website warning visitors that the Colorado‑based firm was experiencing technical issues with some of its products, services and communication channels. The following day, a Boeing spokesperson confirmed to The Record that Jeppesen, a wholly‑owned Boeing subsidiary that provides navigation and flight planning tools, was dealing with a cybersecurity incident. The spokesperson said the company was still working to restore services and was in communication with customers and regulatory authorities. According to the spokesperson, the incident affected certain flight planning products and services and had caused some flight planning disruption. The spokesperson also stated that, at that time, there was no reason to believe the incident posed a threat to aircraft or flight safety.

The spokesperson’s statement noted that the extent of the disruptions was unclear, but the incident was at least impacting the receipt and processing of current and new Notice to Air Missions (NOTAMs), which are notices filed with aviation authorities to alert pilots of potential hazards along a flight route. Boeing’s spokesperson emphasized that the company was working to restore full service as soon as possible. No specific details about the nature of the malware or the attack vector were provided by Boeing at the time of publication. A travel blogger, Matthew Klint of Live And Let's Fly, reported that the incident was believed to be ransomware, although the Boeing spokesperson could not confirm that characterization and described the situation as still active. The spokesperson reiterated that Boeing remained in touch with affected parties and authorities while efforts to regain normal operations continued.
The article placed the Jeppesen incident in the broader context of cyber threats to the aviation industry, noting that ransomware had recently affected SpiceJet in May 2022, Accelya in August 2022 (linked to the BlackCat group), and Bangkok Airways in August 2022, where passenger information was leaked following a ransomware attack. It also recalled that Boeing itself had been hit by the WannaCry virus in 2018, with a spokesperson telling The Seattle Times that the vulnerability was limited to a few machines, patches were deployed, and there was no interruption to the 777 jet program or other Boeing programs. Finally, the piece mentioned that the Transportation Security Administration had sought to mandate that all cybersecurity incidents experienced by aviation firms be reported to the Cybersecurity and Infrastructure Security Agency within 24 hours. This background information was presented to illustrate the frequency and variety of cyber threats facing aviation‑related organizations.
