Cyber attacks on aviation have increased by 600%. ‘Financial and state interests’ among the causes
● A study on cyber threats in aviation, conducted by leading technology company Thales, states that the aviation sector faces a growing challenge in the face of increasing ransomware attacks.
● Last year, 27 significant attacks were recorded, carried out by 22 different ransomware groups, highlighting the high level of activity and diversification of malicious actors.
● The aviation sector faces an increasing diversification of cyberattacks, with 71% of incidents focused on credential theft and unauthorized access to critical systems.
Thales, a European technology leader in the aeronautics, defense, security, cybersecurity, digital security, and space sectors, has published its latest report on cyber threats in the aviation sector, as part of the Paris Air Show in Le Bourget, in which it examines how players in the aerospace sector have become priority targets for cyberattacks, through the analysis of incidents and based on intelligence data.
According to the report, cyberattacks against this industry have increased by 600%, more specifically ransomware attacks against airlines, airports, navigation systems, and manufacturers. These cyberattacks are driven by several factors, including economic gain, ideological motivations, or operations supported by states with different objectives, highlighting the urgent need to strengthen cybersecurity measures across the sector. In addition, the study highlights that growing geopolitical tensions and cyber threats against the aviation sector have taken on strategic importance for national sovereignty, global economic stability, and the safe transport of people and goods.
The aerospace sector has become one of the main targets of cyberattacks due to its strategic relevance and the high value of the information it manages. Between January 2024 and April 2025, 27 attacks were identified, carried out by 22 different ransomware groups. This trend not only reveals an increase in the intensity and sophistication of threats, but also a greater variety of malicious actors, which poses critical challenges in terms of cybersecurity and the protection of essential infrastructure.
Ivan Fontarensky, technical director of Cyber Detection and Response at Thales, explained that “the aviation industry has become a digital battleground where important economic and geopolitical interests are at stake. The sharp increase in the number of attacks requires a holistic approach to aviation cybersecurity, new measures to integrate AI as an ally, and closer cooperation between industry and the public sector."
Widespread delays, airspace closures, and large-scale logistical failures are the main consequences.
While the number of attacks is increasing, the sector is also facing a transformation in the type of threats, with 71% of incidents involving data theft or unauthorized access to critical systems, reflecting the growing sophistication of cyberattacks. In this way, they not only jeopardize flight operations, but also pursue strategic objectives such as industrial cyber espionage, access to sensitive technologies such as avionics and communication systems, disruption of supply chains, and extraction of high-value data such as diplomatic travel plans or confidential cargo shipments.
Among the most relevant examples are denial of service (DDoS) attacks—which aim to disable the system by collapsing server traffic, making it inaccessible — carried out by a pro-Russia hacktivist group against an airline, as well as ransomware that paralyzed the maintenance and supply systems of several strategic air traffic centers.
These incidents highlight the structural weaknesses of a highly interconnected sector, in which a single error can have a cascading effect throughout the entire chain.
The high level of risk in the aerospace sector is explained by a combination of key factors: its high operational complexity, heavy reliance on critical software, interconnection between multiple actors, and the high value of the data it handles, including personal, biometric, and strategic data, as well as the immediate impact of any disruption. This can result in widespread delays, airspace closures, or large-scale logistical failures. In this context, the global aviation cybersecurity market is expected to reach a volume of US$5.32 billion in 2025, with an estimated average annual growth rate of 8.7% until 2029, driven by the increasing digitization of the sector and the intensification of cyber threats.
