With the national airspace system (NAS) increasingly interconnected to partners and customers both within and outside the U.S. government, the danger of cyberattacks on the system is increasing. Because of low-cost computer technology and easier access to malware, or malicious software code, it is conceivable for individuals, organized crime groups, terrorists, and nation-states to attack the U.S. air transportation system infrastructure. As of 2016, the aviation sector faced at least 1,000 cyberattacks per month, of various scales and complexities. Most vulnerabilities identified occurred in ground-based systems streaming up to the plane, although some I.T. experts have claimed they could hack a plane through its own in-flight entertainment system.
Securing the Next Generation Air Transportation System, or NextGen, is paramount. NextGen is the large-scale transformation of the NAS that will make the system more dynamic and flexible by enabling aircraft to fly more efficient routes. But NextGen also requires increased connectivity with commercial aviation entities and foreign civil aviation agencies, meaning more potential points of entry for cyberattacks. Even without malicious intent, the risk carried by these integrated cyber-systems is high. In May 2017, British Airlines suffered an IT failure which led to the cancellation of all flights from Heathrow and Gatwick; although it was not caused by a cyberattack, it still took days to fix and led to thousands of cancellations and delays. The importance of securing these systems from such failures and risks is paramount.
Computer and communications networks used in the NAS and NextGen, like networks everywhere, require new defenses against rapidly evolving cyber security threats. To help the Federal Aviation Administration address these threats, MITRE has developed the NAS Enterprise Information System Security Architecture. Meanwhile, the EASA started a program called AV-CERT for its member nations, with the goal of identifying and fixing holes in aviation cybersecurity. Mistrust and unwillingness to share information have compromised this effort, but the EASA will continue the initiative with its new program, the ECSP. Saudi Arabian airlines, meanwhile, are offering insurance and training to combat cyberattacks. Given the advanced persistent threat of a sophisticated cyberattack, and the commonality of such attacks already, further security measures must be considered.
The aviation sector now relies on computers for almost every aspect of its business. And with this growing reliance, the industry faces an increasing threat from cyber risk, including cyber terrorism, extortion, data breaches and network outages.
“In the next five to 10 years, cyber will become the biggest focus of the aviation industry,” according to Henning Haagen, Global Head of Aviation, AGCS. Cyber risks are not currently excluded in aviation insurance policies, however, the aviation industry and its insurers will need to develop their understanding of the risk to prevent losses and risk accumulation, he adds.
- Cyber attacks on data links, databases, EFB’s and iPads and digital/ electromechanical systems, jamming resulting in loss of RF signals used for critical CNS functions and FADEC operation. Airport operations rely on computers to a huge degree, including for releasing aircraft for flight; therefore, cyber attacks can cause major disruptions to airline operations.
- Increasing sophistication and proliferation of explosive materials, biological/chemical toxic agents, and anti-aircraft weapons.
- Increasing frequency of distraction, glare and temporary flash blindness from easily available and low cost of high-power lasers
- There were 1527 laser pointer “attacks” on civilian aircraft in 2009. That number increased to 3,984 in 2014.
- Increased use of in-flight electronic devices and the Internet of Things weakens security against cyber-threats.
- Even without deliberate malice, server crashes and IT issues can lead to massive disruptions.
- Increasing complexity of necessary code means additional risks of loopholes and errors within that code, making it easier to exploit.
- In an increasingly global aviation market, system errors or attacks in one region can disrupt flight patterns around the world.