DASG
Company Details
Linkedin ID:
dfs-aviation-services
Website:
Employees number:
196
Number of followers:
11,990
NAICS:
3364
Industry Type:
Homepage:
dfs-as.aero
IP Addresses:
0
Company ID:
DFS_2604126
Scan Status:
In-progress
DFS Aviation Services GmbH Company CyberSecurity Posture
dfs-as.aero
DFS Aviation Services is a subsidiary of DFS Deutsche Flugsicherung, the German air navigation service provider (ANSP). DFS is responsible for one of the most complex airspaces in the world and handles around 3 million flights annually. The core business of DFS Aviation Services consists of air navigation services at regional airports as a certified ANSP in Germany. The combination of technical and operational expertise allows us to provide customers with tailor-made solutions. The extensive portfolio comprises products and services in ATM. These include: - Air traffic services (ATS) & Apron - Consultancy - Aeronautical Data, Engineering & Systems - Aviation Training Services Through its UK subsidiary, Air Navigation Solutions Ltd., the company is also responsible for the provision of air traffic control at Edinburgh Airport. In Asia, DFS Aviation Services maintains a branch office in Singapore for contact on-site. Since 2019, the subsidiary DFS Aviation Services Bahrain Co.W.L.L. is responsible for the provision of operational and administrative personnel in Bahrain and supports the Bahrain Ministry of Transportation and Telecommunication. In South America, DAS has a branch office in Lima. DFS Aviation Services additionally offers turnkey remote tower solutions via its Joint Venture FREQUENTIS DFS AEROSENSE.
DFS Aviation Services GmbH A.I CyberSecurity Scoring
DASG Risk Score (AI oriented)Between 700 and 749
DASG
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
DASG Global Score (TPRM)XXXX
DASG
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
DASG Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
DFS Aviation Services GmbH: Germany Blames Russia for Cyberattack on Air Safety, Election Interference
Cyber Attack
Rankiteo Explanation
Attack threatening the economy of geographical region
Description: **Germany Accuses Russia of Cyberattack on Air Traffic Control and Election Interference** Germany has formally attributed a cyberattack on its air traffic control systems and a disinformation campaign targeting its 2024 federal election to Russia’s military intelligence agency, the GRU. In a press briefing on Friday, a German Foreign Ministry spokesman stated that intelligence services had "clearly identified" the involvement of the hacker group **APT28 (Fancy Bear)**, a collective linked to the GRU, in an August 2024 attack on **German Air Safety**. The spokesman also confirmed that Russia orchestrated the **Storm 1516 campaign**, a coordinated effort to influence the February parliamentary election—won by Chancellor Friedrich Merz’s conservatives, with the far-right AfD securing its highest-ever result. The campaign disseminated **deepfake content and fabricated claims** about prominent politicians, including Merz, former Foreign Minister Annalena Baerbock, and former Vice Chancellor Robert Habeck, aiming to **erode public trust in democratic institutions**. German intelligence identified **pro-Russian influencers, conspiracy theorists, and far-right extremists** as key amplifiers of the disinformation. Fact-checking efforts by **AFP’s German service** debunked false narratives, including claims that AfD ballots were excluded in Leipzig and votes for the party were destroyed in Hamburg. Russia’s embassy in Berlin dismissed the accusations as **"baseless and absurd,"** while German officials emphasized they possessed **"absolutely solid proof"** of Moscow’s involvement. The head of Germany’s domestic intelligence agency, **BfV**, warned that such operations represent a direct attack on the country’s democratic order. In response, Germany announced plans to **impose EU-wide sanctions on hybrid actors** and enhance **Schengen Area travel monitoring for Russian diplomats** starting in January to mitigate intelligence risks. The move aligns with broader European concerns over **Russian espionage, sabotage, and cyber threats**, particularly as Germany remains a leading supporter of Ukraine amid the ongoing war.
DASG Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for DASG
Incidents vs Aviation and Aerospace Component Manufacturing Industry Average (This Year)
DFS Aviation Services GmbH has 29.87% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
DFS Aviation Services GmbH has 29.87% more incidents than the average of all companies with at least one recorded incident.
Incident Types DASG vs Aviation and Aerospace Component Manufacturing Industry Avg (This Year)
DFS Aviation Services GmbH reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — DASG (X = Date, Y = Severity)
DASG cyber incidents detection timeline including parent company and subsidiaries
DASG Company Subsidiaries
DFS Aviation Services is a subsidiary of DFS Deutsche Flugsicherung, the German air navigation service provider (ANSP). DFS is responsible for one of the most complex airspaces in the world and handles around 3 million flights annually. The core business of DFS Aviation Services consists of air navigation services at regional airports as a certified ANSP in Germany. The combination of technical and operational expertise allows us to provide customers with tailor-made solutions. The extensive portfolio comprises products and services in ATM. These include: - Air traffic services (ATS) & Apron - Consultancy - Aeronautical Data, Engineering & Systems - Aviation Training Services Through its UK subsidiary, Air Navigation Solutions Ltd., the company is also responsible for the provision of air traffic control at Edinburgh Airport. In Asia, DFS Aviation Services maintains a branch office in Singapore for contact on-site. Since 2019, the subsidiary DFS Aviation Services Bahrain Co.W.L.L. is responsible for the provision of operational and administrative personnel in Bahrain and supports the Bahrain Ministry of Transportation and Telecommunication. In South America, DAS has a branch office in Lima. DFS Aviation Services additionally offers turnkey remote tower solutions via its Joint Venture FREQUENTIS DFS AEROSENSE.
Loading...
DASG Similar Companies
B/E Aerospace
B/E Aerospace is now part of Rockwell Collins. With the acquisition of B/E Aerospace in April 2017, Rockwell Collins is now a world leader in designing, developing and manufacturing cabin interior products and services that deliver innovation, reliability and efficiency. Our broad range of offeri
NASA - National Aeronautics and Space Administration
For more than 60 years, NASA has been breaking barriers to achieve the seemingly impossible—from walking on the Moon to pushing the boundaries of human spaceflight farther than ever before. We work in space and around the world in laboratories and wind tunnels, on airfields and in control rooms to e
Embraer
A global aerospace company headquartered in Brazil, Embraer has businesses in Commercial and Executive Aviation, Defense & Security, and Agricultural Aviation. The company designs, develops, manufactures and markets aircraft and systems, providing Services and Support to customer after-sales. Sinc
Pratt & Whitney, an RTX business, is a global leader in propulsion systems, powering the most advanced aircraft in the world, and we are shaping the future of aviation. Our engines help connect people, grow economies and defend freedom. Our customers depend on us to get where they’re going and back
Airbus
Airbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus designs and manufactures modern and fuel-efficient airliners
Spirit AeroSystems defines and energizes modern aerospace manufacturing by delivering uncompromising quality, breakthrough innovations and high-skilled production expertise to commercial, defense and business aerospace programs. Spirit AeroSystems is the world’s largest tier-one manufacturer and sup
SpaceX
SpaceX designs, manufactures and launches the world’s most advanced rockets and spacecraft. The company was founded in 2002 by Elon Musk to revolutionize space transportation, with the ultimate goal of making life multiplanetary. SpaceX has gained worldwide attention for a series of historic mil
Textron Inc. is a multi-industry company that leverages its global network of aircraft, defense, industrial and finance businesses to provide customers with innovative solutions and services. Textron is known around the world for its powerful brands such as Bell, Cessna, Beechcraft, Pipistrel, Jacob
Federal Aviation Administration
The FAA is on the leading edge of a new frontier in commercial space transportation, building the next generation (NextGen) of satellite-based navigation systems, and fostering the safe integration of unmanned aerial systems into our airspace. We can only dream of what the next 50 years of American
.png)
DASG CyberSecurity News
October 08, 2025 07:00 AM
Bitdefender and secunet Partner to Deliver Sovereign Cybersecurity to European Businesses
Data Residency, Control, and Processing within Germany and the EU in Accordance with Regulatory Requirements.
October 14, 2024 01:07 AM
HENSOLDT passive radar to be used in civil aviation
HENSOLDT is working with DFS, the German air navigation service provider, to allow the use of its Twinvis passive radar for civil air traffic safety.
September 26, 2024 07:00 AM
Air Navigation Service Providers
Commercialisation and its wider impact: Aviation 2030 series.
November 10, 2022 08:00 AM
Indra revamps Germany’s entire air surveillance network with new state-of-the-art radars to ensure safer, more digital, and sustainable aviation | indra
It will modernize the entire air surveillance radar network of DFS, the German air navigation service provider, with a minimum of 23 new...
October 22, 2017 05:51 AM
DFS and Indra move forward in the implementation of the Single European Sky by introducing the next-generation technology for control of upper airspace | indra
The German air navigation service provider DFS Deutsche Flugsicherung and global consulting and technology provider Indra have implemented the next-generation...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
DASG CyberSecurity History Information
Official Website of DFS Aviation Services GmbH
The official website of DFS Aviation Services GmbH is http://www.dfs-as.aero.
DFS Aviation Services GmbH’s AI-Generated Cybersecurity Score
According to Rankiteo, DFS Aviation Services GmbH’s AI-generated cybersecurity score is 734, reflecting their Moderate security posture.
How many security badges does DFS Aviation Services GmbH’ have ?
According to Rankiteo, DFS Aviation Services GmbH currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does DFS Aviation Services GmbH have SOC 2 Type 1 certification ?
According to Rankiteo, DFS Aviation Services GmbH is not certified under SOC 2 Type 1.
Does DFS Aviation Services GmbH have SOC 2 Type 2 certification ?
According to Rankiteo, DFS Aviation Services GmbH does not hold a SOC 2 Type 2 certification.
Does DFS Aviation Services GmbH comply with GDPR ?
According to Rankiteo, DFS Aviation Services GmbH is not listed as GDPR compliant.
Does DFS Aviation Services GmbH have PCI DSS certification ?
According to Rankiteo, DFS Aviation Services GmbH does not currently maintain PCI DSS compliance.
Does DFS Aviation Services GmbH comply with HIPAA ?
According to Rankiteo, DFS Aviation Services GmbH is not compliant with HIPAA regulations.
Does DFS Aviation Services GmbH have ISO 27001 certification ?
According to Rankiteo,DFS Aviation Services GmbH is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of DFS Aviation Services GmbH
DFS Aviation Services GmbH operates primarily in the Aviation and Aerospace Component Manufacturing industry.
Number of Employees at DFS Aviation Services GmbH
DFS Aviation Services GmbH employs approximately 196 people worldwide.
Subsidiaries Owned by DFS Aviation Services GmbH
DFS Aviation Services GmbH presently has no subsidiaries across any sectors.
DFS Aviation Services GmbH’s LinkedIn Followers
DFS Aviation Services GmbH’s official LinkedIn profile has approximately 11,990 followers.
NAICS Classification of DFS Aviation Services GmbH
DFS Aviation Services GmbH is classified under the NAICS code 3364, which corresponds to Aerospace Product and Parts Manufacturing.
DFS Aviation Services GmbH’s Presence on Crunchbase
No, DFS Aviation Services GmbH does not have a profile on Crunchbase.
DFS Aviation Services GmbH’s Presence on LinkedIn
Yes, DFS Aviation Services GmbH maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dfs-aviation-services.
Cybersecurity Incidents Involving DFS Aviation Services GmbH
As of December 13, 2025, Rankiteo reports that DFS Aviation Services GmbH has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
DFS Aviation Services GmbH has an estimated 2,723 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at DFS Aviation Services GmbH ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does DFS Aviation Services GmbH detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with public disclosure by german foreign ministry..
Incident Details
Can you provide details on each incident ?
Title: Cyberattack on German Air Traffic Control and Disinformation Campaign Ahead of 2024 Election
Description: Germany accused Russia of a cyberattack targeting its air traffic control and spreading disinformation ahead of the February 2024 general election. The attack was attributed to the hacker group APT28 (Fancy Bear), linked to Russia's military intelligence service GRU. The disinformation campaign, Storm 1516, aimed to divide society and undermine trust in democratic institutions.
Date Detected: 2024-08
Type: Cyberattack
Threat Actor: APT28 (Fancy Bear), GRU (Russian military intelligence)
Motivation: Influence electionDestabilize democratic institutionsDivide society
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyberattack DFS1765591851
Systems Affected: German Air Traffic Control
Brand Reputation Impact: Undermined trust in democratic institutions
Which entities were affected by each incident ?
Incident : Cyberattack DFS1765591851
Entity Name: German Air Traffic Control
Entity Type: Government Agency
Industry: Aviation/Transportation
Location: Germany
Incident : Cyberattack DFS1765591851
Entity Name: German Federal Election
Entity Type: Government
Industry: Politics
Location: Germany
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyberattack DFS1765591851
Communication Strategy: Public disclosure by German Foreign Ministry
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Cyberattack DFS1765591851
Legal Actions: Potential EU sanctions against hybrid actors
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Potential EU sanctions against hybrid actors.
References
Where can I find more information about each incident ?
Incident : Cyberattack DFS1765591851
Source: AFP
Incident : Cyberattack DFS1765591851
Source: German Foreign Ministry
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: AFP, and Source: German Foreign Ministry.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Cyberattack DFS1765591851
Investigation Status: Attributed to APT28/GRU
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public disclosure by German Foreign Ministry.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Cyberattack DFS1765591851
Stakeholder Advisories: German government warning of hybrid threats and disinformation
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was German government warning of hybrid threats and disinformation.
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Cyberattack DFS1765591851
Root Causes: Russian state-sponsored cyber operations
Corrective Actions: Eu Sanctions Against Hybrid Actors, Enhanced Monitoring Of Russian Diplomats' Travel,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Eu Sanctions Against Hybrid Actors, Enhanced Monitoring Of Russian Diplomats' Travel, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an APT28 (Fancy Bear) and GRU (Russian military intelligence).
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2024-08.
Impact of the Incidents
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Potential EU sanctions against hybrid actors.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are AFP and German Foreign Ministry.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Attributed to APT28/GRU.
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was German government warning of hybrid threats and disinformation, .
.png)
Latest Global CVEs (Not Company-Specific)
Description
PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. In versions 2.5.377 and below, an unchecked offset and size used in a memcpy operation inside PCSX2's CDVD SCMD 0x91 and SCMD 0x8F handlers allow a specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory. Because the offset and size is controlled through MG header fields, a specially crafted ELF can read data beyond the bounds of mg_buffer and have it reflected back into emulated memory. This issue is fixed in version 2.5.378.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=zone. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dfs-aviation-services' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
