Cyber Incident Victim: Jeppesen
Date:
Nov 2022
Location:
United States of America
Summary
A cybersecurity incident at Boeing subsidiary Jeppesen disrupted flight planning tools and services, impacting the receipt and processing of critical aviation hazard notices and causing operational disturbances. The incident affected communication channels and product functionality, but the company confirmed no threat to aircraft or flight safety while working to restore services and coordinating with customers and regulatory authorities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around November 1-2, 2022, Jeppesen—a Boeing subsidiary specializing in aviation navigation and flight planning tools—experienced a cybersecurity incident that disrupted its operational services. The company first acknowledged technical issues publicly on November 2 by placing a red banner on its website, alerting customers to problems affecting certain products, services, and communication channels. Boeing confirmed the event was a cybersecurity incident, though it did not immediately specify the nature of the attack. The disruption impacted Jeppesen’s ability to receive and process Notices to Air Missions (NOTAMs), critical advisories that inform pilots of potential hazards along flight routes. This led to flight planning disruptions for customers, though Boeing emphasized there was no evidence suggesting threats to aircraft or flight safety. Industry observers, including a travel blog, speculated the incident involved ransomware, but Boeing declined to confirm this during the initial response phase, citing the ongoing investigation.
Boeing initiated response measures focused on service restoration and stakeholder communication. The company engaged directly with affected customers and regulatory authorities to manage the operational fallout. While the full scope of the disruption remained unclear, the incident highlighted vulnerabilities in aviation-critical systems. Jeppesen’s parent company leveraged prior experience handling cyber incidents, including a 2018 WannaCry malware infection that affected limited systems without disrupting production. The 2022 incident occurred amid heightened regulatory scrutiny, with the Transportation Security Administration (TSA) recently mandating that aviation sector cyber incidents be reported to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours. Boeing’s public statements emphasized transparency and operational recovery, avoiding detailed disclosures about attacker methodologies or compromised systems while restoration efforts continued.