Aviation is the safest mode of transportation, but in recent months, cybersecurity threats have come to light. The aviation industry is far from alone in the fight against cyber threats. As digital technology advances, so do the potential threats that can not only damage a network and a company’s reputation, but can also be used to collect personal data. For National Cybersecurity Awareness Month, The New Airspace has compiled information about the most recent aviation cyberattacks along with suggestions from industry leaders to keep airlines and airports secure.
Last month, British Airways faced a hack that exposed over 380,000 transactions, leaving customer financial data on its network vulnerable to exploitation. After finding the breach that exposed financial information over a two-week period, the airline said it was “investigating, as a matter of urgency, the theft of customer data from our website and our mobile app.”
The airline ensured customers that travel and passport details were not affected and promised to reimburse any financial losses stemming from the data breach. The breach has since been secured and British Airways is working with authorities to determine the attacker.
Read more on NPR.
The U.K.’s Bristol Airport had its computer systems attacked by ransomware recently. The attack resulted in a computer shutdown that left airport employees to keep the airport functioning. Hackers installed the ransomware by gaining access to internet-connected computers that control display screens around the airport. After shutting down the system, the attackers demanded an undisclosed sum from airport officials, which was declined, and the officials worked to restore the systems themselves.
To keep the airport functioning, staff was forced to print out flight information and write times on whiteboards. Following the event, retired U.S. Air Force cybersecurity expert Major General Robert Wheeler explained that the government needs to create modular network-connected systems to combat cyberattacks.
Read more on Business Insider.
At AVSEC World Day, industry leaders shared insights on cybersecurity. Alex Hampson, senior product leader for cybersecurity at SITA, said that cyber-attacks are seen in isolation rather than linked to operations.
“But there are systemic risks,” he added. “Every organization will be hacked, but it is how they deal with that reality that makes the difference.”
Leen van Duijn, KLM’s vice president of security services, said “cybersecurity is not a boardroom topic in general. It is mentioned but without sufficient knowledge. And the fact is that every day brings a new challenge.” With a lack of understanding at the boardroom level, organizations struggle to secure investments for cybersecurity.
Read more from IATA.
Each year, spending on cybersecurity increases and the number of data breaches continues to grow. Could openness, collaboration and sharing be the key to more effective cybersecurity efforts? Bruce Schneier, a cybersecurity expert, said that “public scrutiny is the only reliable way to improve security, while secrecy only makes us less secure.”
Aviation has been the leader of security for many years. Flying is the safest mode of transportation thanks to an industry that works together to share information about threats. If all industries adopted a policy like aviation, security would no longer be a culture of hiding, but one of support.
Read more on Forbes.