International. The aviation industry has expanded in recent decades and today air travel is part of people's lives around the world. Such growth has evidenced the need to develop and adopt more and better cybersecurity protocols and requirements.
Precisely, sustainability and safety have been the main focuses of attention in the sector this year, and rightly so. Soon to be held, the upcoming Paris 2023 Air Show is touted by announcing "advances in the global aerospace and defense industry, including new orders and partnerships [...] for a safe and united world", while cyberattacks against the aviation industry are increasing.
Recently there has been a wave of attacks like the one suffered by British Airways last June, when a ransomware group called Clop attacked the organization with malicious file-transfer software MOVEit.
New dynamics, new challenges
How can you break into the systems of global airlines that have significant financial muscle? You can get a hint when you consider that the use of multiple interconnected systems long ago replaced the old process with banknotes and payment cards. Thus, air travel became an end-to-end digital experience.
Book a ticket, check passports, check payments; Every step of the airport security protocol uses technology that once seemed like science fiction. Even in the cockpit the systems are interconnected. However, there is still a cybersecurity gap in aviation today related to multiple aspects.
Third-party supply chains and risks
Aviation companies often turn to third-party providers for the provision of critical infrastructure, services and software, related to aspects such as flight planning, aircraft maintenance, software and navigation systems, to name a few.
In this way, any risk faced by these providers can lead to consequences such as air traffic disruptions, loss of confidential data and potential security risks.
An example of this is the data breach suffered in 2019 by the airline Cathay Pacific, based in Hong Kong. During the attack, intruders gained access to the systems through a third-party vendor and stole sensitive information, including the passport and credit card numbers of millions of passengers.
This type of information can be used to develop large-scale phishing campaigns and carry out identity fraud, not to mention the regulatory impact the episode had on the airline.
Coping with risk
According to the company Security HQ, it is necessary to take proactive measures to face cybersecurity risks that can originate from third parties, as well as attacks on the supply chain. This means enforcing strict protocols, conducting regular audits of suppliers, and ensuring that aviation systems and related infrastructure are closely protected.
In addition, air operations need to have an appropriate mix of security measures. Endpoint protection, vulnerability management, and threat and risk intelligence are crucial elements. Other tools and solutions available on the market are:
- Managed Endpoint Protection (EPP) that allows to prevent and contain any threat directed to a large environment, mitigating any potential damage.
- Vulnerability management as a service (VMaaS) that can prevent digital wealth from being exposed to malicious actors.
- Threat and Risk Intelligence (TRI). Dark Web artifacts and intelligence can be used to give early warning signals, take preventative action, and even track down threat authors.
- MSSP that can help alleviate cybersecurity issues in aviation by providing the expertise needed to bridge the knowledge gap, assist with regulatory compliance, and streamline data management.
- CSM and analysts covering all areas of an extensive technology stack.
- 24/7/365 global SOCs providing 24-hour incident response.
