Cyber Incident Victim: SABCA
Date:
Feb 2023
Location:
Belgium
Summary
A Belgian aerospace and defense company specializing in aircraft component production, avionics systems, and military maintenance operations experienced a significant cyberattack, forcing it into degraded operational modes. The incident reportedly did not cause major consequences for organizational or client activities, though internal sources confirmed the organization intends to strengthen its cybersecurity posture against future intrusions. With approximately 1,000 employees across multiple sites, the company conducts sensitive work including weapon system updates and space launcher component manufacturing.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around February 24, 2023, Belgian aeronautics and defense contractor SABCA suffered a significant cyberattack that disrupted normal operations, forcing the company to adopt a degraded operational mode. The attack impacted the organization during the preceding week, with the incident becoming publicly known by March 1. Although described as large-scale, internal sources indicated the incident did not cause major consequences for SABCA or its clients. The company confirmed no critical production systems or client operations suffered substantial harm, though the shift to reduced-capacity operations suggests partial functional impairment. SABCA officials declined detailed public commentary when contacted by news agency Belga, maintaining standard crisis communication protocols by avoiding speculative statements about attack origins or demanded mitigations. Operational continuity measures were implemented promptly to maintain essential activities across its aerospace manufacturing and defense maintenance workflows.
SABCA, a major Belgian contractor specializing in civil and military aircraft components, avionics modernization, weapons system upgrades, and military helicopter/aircraft maintenance, faced broader strategic concerns due to its role in producing critical parts for Ariane and Vega space launch vehicles. With approximately 1,000 employees spread across multiple facilities, the operational degradation likely affected internal logistics and production synchronization. Post-incident analysis prompted organizational commitments to bolster cybersecurity defenses, though technical specifics of planned enhancements were not disclosed. The company’s diverse portfolio—spanning commercial aviation, military systems, and space technology—underscored the importance of resilient operational protocols during the disruption. No evidence indicated compromised deliverables to clients or partners, with core defense and aerospace projects maintaining scheduled outputs despite temporary operational constraints. SABCA’s response prioritization focused on preventing recurrence through systemic security reinforcement rather than publicizing attack attribution or remediation specifics.