Chris Roberts, Chief Security Strategist, Attivo Networks, has provided insight about some of the key threats and how they are being combated in an article on Cybersecurity and Aviation by Intelligent CISO and Intelligent CIO.
The aviation sector is being increasingly digitised which, while providing numerous benefits for consumers and passengers, also introduces new risks and makes the industry a hot target for cybercriminals.
Airlines and airports spent a record US$50 billion in 2018 on IT to support improvements to the passenger journey and are now beginning to enjoy the benefit of that investment.
Figures published by SITA for the first time show that this investment has resulted in a significant improvement in both the satisfaction levels for passengers and average processing time.
The SITA 2019 Air Transport IT Insights shows that 60% of airline CIOs recorded up to a 20% year-on-year improvement in passenger satisfaction. During the same period, 45% of them recorded up to 20% improvement in the rate of passengers processed.
What are some of the unique cyberthreats to the aviation sector and why?
Chris Roberts, Chief Security Strategist, Attivo Networks (CR): Unlike many other industries the airline sector still depends on everyday use of decades-old bespoke proprietary systems. Air-ground communications systems – such as the Aircraft Communications Addressing and Reporting System (ACARS) – are gradually being interconnected to allow them to be controlled remotely via the Internet. As they do this air traffic operators are keenly aware that doing so increases the risk that outsiders could access onboard systems.
How is the aviation sector rising to the challenge of combatting these threats?
CR: The introduction of increased Internet connectivity brings opportunities for elevated revenue streams and operation savings to the aviation sector. At the same time passengers and industry regulators will expect ever more robust cybersecurity measures to protect the information they exchange and access through aircraft in the sky. The answer to the rising challenges for providers of in-flight communication services – some of which are constrained by the architecture and physical limitations of their networks – is to build increased security layers around these more capable networks.
Can you outline any use cases of how technology is being used to mitigate threats?
CR: In-flight communication services, both for the entertainment of the general passenger and the efficiency of the business traveller, face steady growth in demand that is certain to increase as passengers insist on the ability to do more and to do it faster while aloft. That demand will only increase further as airlines and other aircraft operators seek greater access to operational and systems data from their flights while they are in the air, in order to improve the cost-effectiveness of their own operations as well as the in-flight experience of passengers.
Would you offer any best practice advice for dealing with threats in this industry?
CR: The aviation industry should start to shift from the traditional security stack to a more proactive stance. Additionally, they must move to an assumed-breach posture. This means focusing less on deflecting an attack and more on using tools that allow them to assess their detection, deception and data integrity options.
Are there any trends or future trends that CISOs working in the sector should prepare for?
CR: Two trends with the potential to introduce new cyberthreat vectors to the aviation sector stem from the availability of Internet-enabled systems on board airplanes. First, is the increasing presence of Internet accessible passenger Infotainment systems. Second, is the presence of Internet of Things devices used for predictive maintenance and near real time reporting of operational components in the aircraft.