While the problems facing the aviation industry are complex and widespread, the problem of cyber security is now among the most pressing issues confronting aviation. During this blog, we’ll discuss current issues regarding cyber security, as well as the means of combating current and future threats.
Confronted with the responsibility for transporting millions of passengers between global destinations on a daily basis, the aviation industry is required to maintain one of the most complex and integrated information and communications technology (ITC) systems on the planet. However, this electronic network is vulnerable to software glitches, hardware and network failures, as well as the ever-probing cyber-attackers. Though a number of other industries are subject to cyber attack, the effects of a cyber attack upon aviation can have life-threatening and potentially dire consequences. The safety of aircraft and their passengers, the operational security and fiscal well being of the airlines and related industries, in addition to the reputation of the aviation industry as a whole. These threats range from isolated individuals simply looking to create mayhem and confusion to dedicated hackers and cyber-criminals intent on sabotage and the theft of information or intellectual property.
A number of specific threats have arose within the last ten years to include avionics systems, software glitches, control system errors and electronic flight bag failure. The avionics threat involves thousands of attacks globally on a monthly basis. Perhaps the most distinctive targets are the connective communication systems between aircraft and the ground. Such avionics transmit flight data, as well as monitor and manage vessels and relay data to and from ground-based networks. Other possible vulnerable elements are reservation systems, cargo handling and shipping, hazardous materials transportation and flight traffic management. According to a recent study, software, design processes and related manufacturing data may soon become vulnerable. Software glitches are another source of data vulnerability. An incident involving an Airbus A319 taking off from Belfast in June 2015, in which corrections made by the pilot for distance and speed calculations allowing for a change in the weather were not reported back correctly by the flight bag software, resulting in data plotted for a longer runway, which left insufficient runway to abort a take-off. Fortunately, the flight captain was able to take-off with only 656 feet to spare. Control system errors involve irregular patterns in air traffic data programs. For example, in April 2018 European air passengers experienced massive traffic disruptions after the Easter holiday due to the failure of the Enhanced Tactical Flow Management System, which affected approximately 15,000 flights over the continent. Another source of cyber penetrations are electronic flight bag failures. Electronic flight bags act as an alternative to the reams of paper flight documents carried on board by the airline flight staff. The flight bags are tablet devices with touchscreens offering the advantages of saving fuel for the airlines due to less bulk carried aboard the plane in addition to environmental benefits. However, these devices use wireless connectivity and mobile apps to communicate flight plans to an entire air fleet. The only problem-any software operating the device is subject to hacking.
Though digital transformation is enabling global aviation to deliver better service to its customers, it is concurrently raising its threat exposure. Aviation stakeholders should come together for the good of the industry, traveling population and the global economy as a whole. Cyber security measures should not be merely a race against threat actors, but rather a proactive means of covering risks for the air transport industry. A number of measures may be utilized by global aviation to defend against both current and future cyber attacks. Strong and all inclusive cyber security policies should be established and enforced within the organization, taking into consideration all relevant industry standards and requirements for legal and regulatory compliance. Procedures and policies should be put in place for the predictive monitoring of IT systems and related data chains to insure the protection of operational and customer information. Penetration and operational testing should be conducted on all critical systems at intervals, using external contractors maintaining high standards of integrity. Procedural and contractual steps should be taken to minimize insider risks, as well as those from supply chains, third party vendors and partner agencies. Procedures should be formulated to expedite notifying customers, stakeholders and regulatory agencies, in the event of a security incident or data breach. The firm should also provide training to meet cyber security best practices, in addition to proper security procedures for the protection of internal documents and intellectual property. This training should be conducted on a regular basis, promoting a culture of proactive cyber security within the organization. Legal and compliance teams should also coordinate their activities with local regulatory and legislative authorities. Finally, the organization should invest in comprehensive cyber security insurance for protection against current and future liabilities.