What Can Be Done to Minimize Cyber Threats to Airports?

This post is also available in: עברית (Hebrew)

The increasing sophistication of cyber threats has become one of the main concerns of the aviation industry as airports and airlines realize they are not immune to the latest cyber threats and attacks. A breach in an airport system could expose passenger’s personal data, impact security checks, affect back-office systems, take-over arrival and departure notifications, and more. The ensuing impact to an airport could ground its entire operation.

As airports become more connected and reliant upon technologies such as the cloud, integrated systems, and the Internet of Things (IoT) for increased efficiencies, it also opens the door to new vulnerabilities including security breaches, malware, spear phishing and social engineering tactics (obtaining passwords etc. by disguising as a trustworthy entity), identity theft, and more.

“There is a wide disparity in the level of cybersecurity preparedness in airports today,” said Jim Knaeble, Global Products Management at Rockwell Collins. “It can vary from an airport where cybersecurity is almost non-existent to one that has a well thought out plan in place. Additionally, depending on the size of the airport, it may or may not have the IT staff in place to monitor, analyze and respond to suspicious network security behaviors.” Late last year, it was reported that a hacker gained access to Australia’s Perth Airport systems and stole building plans and security information. In October 2017, the Ukraine’s Odessa Kiev airport reported IT system attacks. And a few months earlier, loudspeakers and screens for Vietnam Airlines were hijacked in two Vietnam airports, allowing the hackers to display offensive political messages on flight information screens. The messages have been described by state media as “distorted information” about Vietnam and the Philippines’ claims to the South China Sea. The allegations were broadcasted over the public address systems, according to huffingtonpost.com.

Cybersecurity for airports isn’t as easy as installing the latest firewall or malware detection software, Knaeble stressed. “There’s no ‘one size fits all’ for airport cybersecurity,” he notes. “Each airport environment is unique. Conducting a proactive risk assessment can identify vulnerabilities so a holistic cybersecurity program can be established,” he told connectedaviationtoday.com. Once a plan is developed and security solutions are in place, ongoing internal education of security policies and enforcement is a critical component to a comprehensive cybersecurity plan, along with enforcement of security best practices within the airports vendor and partner ecosystem. Employees may connect devices or click on a link to a site infected with malware, which can open the door to a breach.

Airports are taking notice of cyber threats and are expected to more aggressively fund cybersecurity initiatives in 2018. While new and emerging technologies will play a part in overall airport security, according to Knaeble, “the number one area that airports should be looking to invest in is creating a holistic cybersecurity program. This will ensure that all of their systems are being handled the same way, regardless of vendor.”

To this end, industry groups like ACI World and others are launching initiatives focused on preventing cyber attacks. For example, the ACI World Airport IT Standing Committee (WAITSC) has created a cybersecurity task force whose mandate is to engage and educate airports worldwide on the issues of cybersecurity.