Cyber Security and Aircraft Operations: “In Flight” Does not Mean “In the Clear”

Global Aerospace Editorial Team, June 26, 2018
Aviation Safety

Cyber security is a critical issue that continues to grow in importance with every data breach that occurs. While the public tends to be aware of only the high-profile incidents, cyber criminals are constantly probing the digital defenses of their targets and adjusting their tactics to try and get around these measures.

This is true in virtually every industry, including aviation. In fact, the advances in technology available while airborne — from new cockpit air-to-ground (ATG) communication devices to increasingly common in-flight Wi-Fi networks — have made the 5,000 aircraft aloft in the U.S. at any given time an even more enticing target for hackers. Whether cyber criminals are looking to steal valuable corporate data or take control of the aircraft’s navigation systems for some criminal purpose (a risk that has been theorized with enhanced levels of connectivity and interactivity), they have many new avenues for achieving their objectives today.

Plus, with the recent implementation of the European Union’s wide-reaching General Data Protection Regulation (GDPR), the responsibility operators bear to ensure data security is being more closely scrutinized than ever.

New Aircraft Technologies Mean New Cyber Security Vulnerabilities

The vulnerability of an aircraft’s devices and networks while in flight comes as a surprise to many risk managers, directors of operations, flight crews, and passengers. There is a tendency to believe that once a jet is aloft, cyber criminals are left behind on the ground and the aircraft’s digital systems are immune from attack. Unfortunately, that is not true.

As technology has enabled better communication to and from airborne aircraft, and greatly improved internet connectivity within them, it has opened the door to potential cyber attacks. In fact, a device such as a web-enabled DVR, which seems completely benign, might play a role in a security breach. While a cyber criminal would have no interest in the DVR itself, of course, such a device may serve as an entry point and “launch pad” of sorts for a broader attack.

The Impact of Aircraft Cyber Security Breaches

In terms of severity, aircraft cyber security breaches run the gamut, from relatively harmless penetrations by hackers simply looking to prove that they are capable of getting past any defenses, to very focused attacks where critical data is stolen or flight operations are altered. At the more serious end of the spectrum, the consequences of a breach can be significant and long lasting. The results can include:

  • Risks to passenger safety
  • Loss of confidential company data related to products, strategy, etc.
  • Interrupted business operations and resulting financial impacts
  • Costly recovery and remediation efforts
  • Legal action from stakeholders affected by the breach
  • Long-term decrease in trust among business partners and clients or even their loss

When considering the financial repercussions, it is sobering to learn that the IBM X-Force Threat Intelligence Index 2018 reported that ransomware attacks alone cost companies worldwide more than $8 billion in downtime and other impacts in 2017. Thankfully, many aircraft technology providers (Satcom Direct is one example) are continually enhancing their cyber security systems to help operators stay ahead of cyber criminals.

Human Behavior: An Often Overlooked Aspect of Cyber Security

Many people believe that with the right software and systems in place, an organization can build an impenetrable wall around its digital assets and communications capabilities. However, there is one factor that even the most cutting-edge aircraft cyber security protocols cannot account for: human behavior. According to the IBM report mentioned above, inadvertent actions by insiders were responsible for more than two-thirds of total records compromised in 2017.

As noted in a white paper from human factors expert Tony Kern, human error is a serious strategic risk. From system configuration mistakes, to users who fail to change their default initial password for a digital tool or data source, to lost devices, humans have a way of creating gaping holes in even the most carefully considered security protocols. When they do, cyber criminals are ready to surge through those openings. And, as many experts have observed, one security breach can easily lead to a very costly chain of events, such as when the grounding of flights in one location causes system-wide backups.

Improving Aviation Cyber Security: An Ongoing Process for Safeguarding Your Digital Assets

Ultimately, securing your digital assets when an aircraft is in flight isn’t an action but an ongoing process. It starts with awareness. Simply knowing that being aloft doesn’t mean you are free of the risk of a cyber attack is a step in the right direction. Next, working with industry experts to ensure you have the latest in security measures for protecting your aircraft systems and the data of those who use them is critical. This can involve an array of actions including these and many more:

  • Regular system vulnerability assessments
  • Routine firewall analysis and penetration tests
  • Compliance certifications
  • Security policy development and maintenance
  • Regular security event log reviews

Finally, educating your team members, business partners, and passengers on aircraft cyber security best practices and how their actions affect network and data security and uninterrupted operations is key. This helps prevent the kinds of human error that cyber criminals look to leverage to their advantage. Cyber security in business aviation is a continual battle, but one you can win with a proactive approach and consistent effort.