Bringing cybersecurity globally to critical and complex key activities
Understanding the cyber threat:
The protection of airport IT systems is a major issue today and in the very near future. Even a relatively minor bug can cause chaos, resulting in flight delays and legal action by disgruntled passengers. The Delta Airlines computer system failure in 2016 is a good example of this phenomenon, as it caused problems for hundreds of thousands of people worldwide who had their flights delayed or cancelled. The threat to the airport sector concerns simultaneously the ground infrastructure, the aircraft and the passengers. Now, taking into account its destructive potential, this particular threat has emerged as a real concern for the Aviation industry.
Attacks are up in all threat categories, and better reporting alone does not fully account for the 530% year-on-year rise in reported incidents. Airlines are the first in the line of fire, targeted by 61% of all 2020 aviation-related cyber-attacks in 2020. In 2020, international passenger traffic fell by 75.6% and domestic traffic by 48.8%. However, as passenger traffic declined, cyber attacks on the aviation sector are reported to have increased.
At 36% of all reported incidents, data theft topped the cyber charts in 2020, followed by website fraud (35%) and phishing (16%). A notable and growing threat, which currently accounts for only 5%. but whose negative effects can be immense if successful, is ransomware. A worrying 39% of organizations experiencing cyber-attacks in 2020 assessed that these attacks had a medium to high impact on their operations. Indeed, according to the severity of the attacks, 12% of the attacks were classified as high, 27% as medium and 61% as low severity.
• Every week, an aviation actor suffers a ransomware attack somewhere in the world, with big impacts on productivity and business continuity, let alone data loss and/or costly extortion demands paid in order to restart operations.
• Ransomware may only comprise 5% of detected cyber-attacks on aviation in 2020, but it can have far-reaching impact for the individual players who fall victim to it.
If serious incidents involving the cyber-hijacking of an aircraft have not been observed in the wild, tampering with airplane systems is a source of concern for researchers. In 2015, expert Chris Roberts claimed to the FBI that he had successfully penetrated multiple inflight entertainment systems and was able to briefly change an aircraft’s direction. This case caught the attention of the DHS (Department of Homeland Security), which issued an alert recognizing the potential for an attack on an airplane. In 2019, DHS released another document highlighting that a malicious threat actor with physical access to a small aircraft would be able to alter flight information via the autopilot system. In addition, exploiting vulnerabilities in satellite communication technology (SATCOM) could be a vector for compromising in-flight communication devices according to Sanatamarta’s research work.
ATK6
> Alias
> Suspected origin countries
> Suspected targeted countries
> Target sectors
> Motivations
ATK133
> Alias
> Suspected origin countries
> Suspected targeted countries
> Target sectors
> Motivations
ATK35
> Alias
> Suspected origin countries
> Suspected targeted countries
> Target sectors
> Motivations
ATK11
> Alias
> Suspected origin countries
> Suspected targeted countries
> Target sectors
> Motivations
ATK40
> Alias
> Suspected origin countries
> Suspected targeted countries
> Target sectors
> Motivations