Aircraft security is again under the spotlight after the US government confirmed a move to protect citizens from cyberattacks targeting the aviation industry. It comes amid growing concerns that aviation is a major target for terrorists, who could use cyberattacks to threaten planes and passenger safety.
The US Department of Home Security (DHS) is updating a previous security program in conjunction with the Pentagon and the US Department of Transportation (DOT), with aims to test airline’s vulnerabilities to hacks. Sources report that DHS will test actual aircraft for cyber vulnerabilities. The program is focusing on protecting the electronic systems of new and old airliners from cyber intrusions. Concerns are growing after cyberattacks on other connected critical infrastructure, such as power grids have been seen. A US government program is in place to focus on power grids via the US Solar Energy Industries Association (SEIA) Congressional Bill, which mandates the use of specific technologies to help protect the electric grid systems. The US Air Force is additionally taking a bigger role in identifying security problems in commercial aviation systems, many of which are concurrently used by the military.
To date, cyberattacks targeting airlines have aimed at its IT systems, rather than the aircrafts. As an example, British Airways is facing a sizable aviation fine after passenger data from around 380,000 bookings was breached, including bank card numbers with associated cvv codes.
Some military analysts believe this current push for cyber security could be based upon secret intelligence, that has identified nation state and non-nation state actors possibly researching vulnerabilities in aircraft networks. Historically, high tier hackers have not found a way of directly hacking aircraft. This based upon the fact that if terrorist had possessed that technology, they would have already used it to cause havoc. For instance, the ISIS Cyber Arm, the Cyber Caliphate Shield, is very motivated to carry out these types of attacks, yet do not “currently” have the technical capabilities.
Modern aircraft are essentially “flying data centers in the sky,” says the chief security officer at AMTrust Europe. “It's natural for the Air Force to apply its cyber defensive and offensive skills in order to insure the logistical and refueling fleet is robust when it comes to physical and cybersecurity. I believe this is a great idea and the Airforce is about to pick up the cybersecurity ball after the FAA–for a lot of reasons–either dropped it or had it taken away.” He points out that the US Airforce's mission of “fly, fight and win in air, space and cyberspace”’ cannot be achieved “if the civilian platforms they have, prove vulnerable to cyberattack.”
This is a major issue, and the consequences of cyberattacks targeting commercial aircraft would be catastrophic. Solid cyber security strategies that employ constant monitoring and mitigation, is a requirement. The aviation sector is facing cybersecurity challenges as it moves away from old procedures of isolation. Separating its key systems with ‘air gaps’ is not enough to prevent hackers from accessing a system. Many believe a risk-based approach to aviation cybersecurity is needed so that aviation manufacturers, systems integrators and aviation operators embed cybersecurity risk into all their products from design to final product.
In the past, Wapack Labs has collected and analyzed on past airline related incidents, such as the Delta Airline hack. This was the hack of their ticketing system and not its aircraft yet demonstrates the aviation transpiration sectors interests by both state and non-state sponsored bad actors.
Wapack Labs is in New Boston, NH. We are a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or firstname.lastname@example.org