The cyber threats to civilian flight
This post is also available in: 
עברית (Hebrew)
Many people are afraid to fly. Most of them fear than the plane will suffer a malfunction they have no control over midflight, as they’re sitting on it. In the past, the main concern was from a technical malfunction or terrorist hijacking, but one the main threats to commercial aerial transportation today is cyber attack. In the past cyber threats weren’t so substantial when it came to airplanes, as the field was fairly digital. Computers have only infiltrated planes in the 1970s, after the U.S. has developed the first stealth aircraft. About twenty years later, in the 1990s, computer became more and more present even in passenger planes and today the role of the computer is so central that it’s possible to say that the pilot is running the computer as the computer is running the plane. The computer control all of the plane’s core systems in charge of its flight capabilities. Therefore, it only makes sense that the fear of cyber attack by hostile elements is keeping a lot of people very busy.
So what are the cyber dangers is today’s civilian airplane facing? David Stupples from City University in London claims that breaking in the airplane’s computer systems by the wireless internet on deck is not possible and that the only way to get into the computer system is by injecting it with malware. However, even this is very hard to do since it means that one the plane’s computer programmers has done it intentionally and that’s highly unlikely since one would think that inspections and background checks are being done to prevent the wrong people from working in such important positions. Another way is taking over the plane after successfully integrating the malware in computers on the plane itself, but this also demands very high abilities and a high level of sophistication from the attacker. Stupples and his colleagues have conducted a research that has shown that most likely option to enter malware into a plane’s computer systems is by doing it during development by a corrupt employee backed by a large criminal body or even a country.
Researchers from the university in London are trying to figure out ways by which the system could identify misconduct after a successful cyber attack has already been launched. After identification, it can cope with the malware that is already inside the system.
