Insider Threats to the Friendly Skies

12125582881?profile=RESIZE_400xA recent survey conducted by Bridewell, a cybersecurity services company headquartered in the UK, revealed a concerning surge in insider cyber threats within critical national infrastructure (CNI) organizations.  The transport and aviation sectors are particularly at risk.  As economic uncertainties loom, organizations are facing budget cuts in cybersecurity, further exacerbating the threat landscape.  This research is some of the first conducted by Bridewell that focuses on the US.[1]

Bridewell's Principal lead consultant talked about the consequences of these trends and how organizations can mitigate cyber threats; this in a recent interview with Avionics International.  “Over the past decade, cybersecurity has become a mainstay in overall budgets at organizations,” he explained.  “However, in in the past 12 to 18 months, we've seen a reduction in those budgets with our clients in the aviation sector—as well as those that we surveyed.”

The economic downturn has prompted a reduction in cybersecurity budgets across various industries, including transport and aviation.  While cybersecurity has become a significant component of organizational budgets over the past decade, recent financial instabilities have led to budget pullbacks.  The economic uncertainty also fuels concerns about an increase in cybercrime within organizations.  As employees face job insecurity and financial pressures, a notable 30% of surveyed companies expect an upsurge in internal cybercrime.  Simultaneously, approximately 34% anticipate an increase in external cyberattacks orchestrated by tech-savvy individuals driven by economic conditions.

To adapt to budgetary limitations, organizations are adopting different strategies.  Outsourcing historically internal cybersecurity activities to third parties can offer potential cost savings, Bridewell commented.  Companies may also delay cybersecurity projects and assessments, hoping for improved economic conditions in the future.

Additionally, it emphasized the consolidation of vendors as a growing trend.  The aviation industry has experienced an influx of vendors supplying various components, leading to increased risk exposure.  “It's becoming a tipping point of having too many vendors to try to manage,” Bridewell said.  Consolidating vendors allows organizations to streamline risk analysis and assessment, resulting in time and cost savings.

Among the numerous cyber threats faced by the aviation industry, ransomware attacks pose the most significant concern.  Ransomware can effectively paralyze an organization's daily operations, impeding access to essential systems and applications.

Bridewell's survey indicates an average of 24 ransomware-related incidents within the aviation industry over the past year alone.  This number likely underestimates the actual occurrence, it noted.  “We see those numbers underreported because no company wants to admit when they've had these cyber attacks.” It is crucial to acknowledge that ransomware attacks will remain a persistent threat in the aviation industry and elsewhere.

Bridewell suggests several strategies to combat the risks posed by insider cyber threats.  Firstly, organizations should prioritize maintaining a sufficient cybersecurity budget, even amidst poor economic conditions.  Investing in robust cybersecurity measures and staff training is vital to ensure proactive defense against evolving threats.

Additionally, organizations must cultivate a strong cybersecurity culture, emphasizing employee awareness and education on cybersecurity best practices. Regularly evaluating and updating security protocols, conducting cybersecurity assessments, and engaging third-party experts can further bolster defenses.

The alarming rise in insider cyber threats within critical infrastructure organizations, including the transport and aviation sectors, demands immediate attention. Economic uncertainties have led to reduced cybersecurity budgets, increasing the risk of internal and external cybercrime. Ransomware attacks pose severe consequences for organizations.  By implementing strategic measures such as outsourcing, vendor consolidation, and maintaining cybersecurity budgets, organizations can better defend against insider threats.  To protect critical infrastructure and ensure global security and stability, it is necessary to cultivate a cybersecurity culture and stay informed about emerging trends.

This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

[1] https://www.aviationtoday.com/2023/06/14/increasing-insider-cyber-threats-pose-risks-to-aviation/

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!