Search
Close this search box.

Aviation industry’s battle with cyber-attacks

The European aviation industry is being increasingly exposed to rising levels of risk, as criminals, hackers and state-sponsored cyber-attackers look to exploit vulnerabilities, cause chaos, and above all, fill their pockets at the expense of the aviation sector, with airlines and the flying public firmly in their sights.

Airlines continue to be an irresistible target for cybercriminals, with around $1bn a year lost from fraudulent websites alone. Add to that data theft, card fraud, air miles fraud, phishing, fake invoices and more, and you have a perfect storm for a part of the industry that continues to reel from the pandemic. Every week, an aviation company suffers a ransomware attack somewhere in the world, with big impacts on productivity and business continuity, let alone data loss and/or costly extortion demands paid in order to restart operations.

Thankfully, no impact on flight safety has yet been reported – but that is no grounds for complacency, with state-sponsored or highly organised crime syndicates capable of conducting large-scale targeted intrusions that aim at massive disruption as much as financial gain.

A major Eurocontrol report has found that many aviation businesses, including in the supply chain, are exposing themselves to extra risk by not systematically applying basic IT security controls.

61% of all identified cyber-attacks in 2020 targeted airlines, almost twice as much as the two next largest market segments combined (16% manufacturers, 15% airports). The vast majority of these attacks – 95% – were financially motivated: 739 out of 775 incidents. This led to financial loss in 55% of cases, and the leaking or theft of personal data in an additional 34% of cases.

The fake airline ticket business is extremely lucrative: The average value of a purchase is significantly higher than that of a legitimate purchase. “Big Game Hunting“ fraudsters are drawn to the profit margins on airline ticket fraud – where the average cost of a fake ticket, at around $1,930, is almost triple that of a legitimate purchase (on average $606).

Airline loyalty programme accounts are a hugely attractive target for fraudsters, and the pandemic has accelerated criminal interest as airlines began returning money via loyalty accounts to passengers whose flights had been cancelled owing to the pandemic, or extending the validity period of accumulated miles. In 2020 EATM-CERT issued alerts to 30 airlines, and detected 15,493 accounts on offer on the dark web, worth over $400,000. The total market value of unredeemed miles is enormous – estimated by IATA at $238bn.

With aviation moving towards introducing more and more digitalisation thanks to new technologies and concepts using non-aviation specific means (e.g. Cloud, 5G, Internet, satellite communications and navigation). This will inevitably increase the number of aviation actors potentially impacted by a cyber-attack.

The challenge now lies in making aviation systems/services progressively more and more cyber-resilient while remaining safe and cost-effective.

Last Wednesday a blanket ban on flight departures was implemented by the US aviation regulator, the Federal Aviation Administration, owing to a failure of the NOTAM (notice to air missions) system. A NOTAM is a notice issued by a country’s aviation regulator to deliver essential information and directives to pilots, controllers, airline operation hubs and personnel involved in ensuring the safe travel of an aircraft from A to B. Before departure, pilots will refer to a NOTAM to check updates on active runways at their destination, along with potential airspace restrictions, hazards nearby, security notices, and even weather. NOTAMs keep aviation sectors informed and up-to-speed, and with the FAA suffering an “outage” on its centralised NOTAM system, US air travel was restricted in a significant way.

At 7:19am ET, the FAA said it had “ordered airlines to pause all domestic departures” until 9am ET to give it time to “validate the integrity of flight and safety information.” By the time of the first statement, United Airlines had already announced it had grounded all flights. By 8:15am ET, the FAA said departures from a few airports were resuming after “making progress in restoring its Notice to Air Missions system following an overnight outage.” Almost an hour later, a full restoration of the system was confirmed, and the FAA said that the flight ban had been lifted.

While it’s the first time the US has suffered a glitch with its NOTAM system that inevitably affected US aviation as a whole given the prominent role the FAA has to play as a regulator, it has refreshed the legitimate concerns many have in the industry of two significant threats to the smooth running of air travel everywhere: out-dated IT and the constant risk of cyber-attacks.

Following Wednesday’s US flight disruption, White House Press Secretary Karine Jean-Pierre said: “There is no evidence of a cyber-attack at this point” but an investigation has now started to determine the root cause.

Source: Civil Aviation Authority-Qatar

Recent post's