Cybersecurity threats in aviation
Cybersecurity threats can impact operations and result in significant financial damage for airlines and airports. Jasleen Mann speaks to Jake Moore, global cybersecurity advisor at eset, about the various types of cybersecurity threats and the consequences.
Airports face many cybersecurity threats, even though they can sometimes be preventable. A recent example of this is a distributed denial-of-service (DDOS) attack on the website of Bradley International Airport in Connecticut, US.
A DDOS attack involves multiple machines attempting to crash one website, overloading traffic visiting the site through the use of botnets – networks of devices connected to the internet. In this case, the threat was resolved without severe impact as operations continued as normal.
IT departments are becoming increasingly aware of DDOS threats and more computers and websites recognise this as a threat. Moreover, airports and airlines fully understand the risk and put in mitigation techniques to deflect the attack; these threats are not underestimated.
The dangers for aviation
Cybersecurity threats can result in many negative outcomes for airlines and airports if they are not dealt with effectively.
Jake Moore, global cybersecurity advisor at digital security company eset, says: “Ransomware threats, which are apparent in all businesses, are a serious headache for airlines as flights could be grounded, which would hugely damage finances with the small profit margins the airlines work on.
“Airlines have previously gone bust as a result and they do not have much of a contingency. They do lots of simulations and training, but many companies do not.
“It was only recently I was going through an airport, and I realised how much is now automated, unmanned systems. The more unmanned devices or systems there are, for example ticketing and baggage operations, the more threats are attracted.”
The more unmanned devices or systems there are, the more threats are attracted.
There have been large-scale cybersecurity threats that have impacted airports and airlines, affecting many of their customers as a result.
“Airports cause international disruption and I think that increases them as a target, they create big news,” adds Moore.
“This is not just about the money there are so many motivations, financial motivators, political motivators. They are full of personal identifiable information, they are a hub of information including payment details.”
In 2018, a data breach impacted 380,000-500,000 customers of British flag carrier British Airways. The data breach involved login details, payment card details, and travel booking details being compromised. This data breach went undetected for over two months.
As credit card details were being entered, this data was being stolen. It is clear that there was a difficulty in the system which was not checking a particular area in the network.
“These payment system attacks create multiple victims who are not a part of the airport. The airports are open, and the planes are flying but there are thousands of people’s details flying around the dark web,” adds Moore
“I believe that there was an oversight from a human, someone made a judgment error. Does that fall down on one person? I don’t think so. This is an oversight that happened because we’re humans.
“We have an immense amount of work going on behind the scenes and they are doing their best to keep people’s lives, data, and money protected.”
There are thousands of people’s details flying around the dark web.
When people use airlines, it is likely that they only use it twice a year on average and for this reason are more likely to use the same password which they use for other things as opposed to creating a new one. This increases the likelihood of a data breach being successful.
Moore notes that there is a huge physical security presence in airports, which includes taking shoes off and belts off as passengers go through security checks. This is to manage physical threats, but it can also be linked to digital threats if there is an insider threat.
There are tens of thousands of people working in the aviation industry who could be manipulated or ignore their duties in terms of security checks.
Ultimately, cybersecurity threats do occur and while some are more preventable than others there are staff members who work to make sure these issues do not go unnoticed. Training costs airports and airlines time and money but once training is completed it needs to be revisited again. Airports and airlines are increasingly aware that these processes should not be overlooked.