NEW CYBERSECURITY CHALLENGES IN AVIATION INDUSTRY

Abstract

The increased usage of Information and Communication Technology (ICT) tools into the mechanical devices in manner of normal everyday use within the aviation industry raised the concerns about cybersecurity. The extent of common flaws and vulnerabilities in the software tools that power these systems grows as their level of integration increases. Moreover, these concerns are becoming even more acute as the implementation of modern electronic smart devices on aircraft and airports in the aviation industry is increasing. The data on cyber-attacks and threats to air traffic security over the past twenty years can help identify, map and analyze trends and insights that are important to maintaining the security and resilience of aviation systems. The main objective is to identify the subjects of the common threat, their motivations, types of attacks and mapping the vulnerabilities of those elements of the aviation critical infrastructure, which are most often the subject of constant attack campaigns. Such analyzes should enable improved understanding both the current and potential future challenges to cybersecurity protection in the aviation sector. The main threats to the industry come from Advance Persistent Threat (APT) groups, which in cooperation with certain criminal structures and state intelligence institutions, steal intellectual property data in order to advance their own national aviation capabilities, as well as to monitor, to infiltrate and undermine the capabilities of other sovereign nations. The most commonly attacked segment of the aviation industry is the information technology (IT) infrastructure, while the most prominent type of attack is malicious hacking with the intention of gaining unauthorized access to confidential and sensitive information. Analysis of the range of attacked platforms and existing threat dynamics is used as a basis for predicting future cyber-attacks trends. Insights arising from the review should support future definition and implementation of proactive measures that protect aviation critical infrastructures from cyber-incidents that erode customer confidence in a key service-oriented industry.

References

•     Cyber Risk International. Cyber Threats to the Aviation Industry. Cyber Risk International, Dublin, Ireland, 2020.

•     Elochukwu Ukwandu, Mohamed Amine Ben-Farah, Hanan Hindy, Miroslav Bures, Robert Atkinson, Christos Tachtatzis, Ivan Andonovic, Xavier Bellekens. Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends. MDPI, Basel, Switzerland, 2022.

•     IATA – International Air Transport Association. Compilation of Cyber Security Regulations, Standards and Guidance Applicable to Civil Aviation. IATA, Montreal, Canada, 2020.

•     ICAO – International Civil Aviation Organization. Security and Facilitation Strategic Objective: Aviation Cybersecurity Strategy. ICAO, Montreal, Canada, 2019.
•     ICAO – International Civil Aviation Organization. Cybersecurity Culture in Civil Aviation. ICAO, Montreal, Canada, 2022.

•     Jose Monteagudo. Aviation Cybersecurity – High Level Analysis, Major Challenges and Where the Industry Is Heading. Cyber Startup Observatory, Global Internet Platform, 2020.

•     Pierluigi Paganini. Cryptocurrency Miners Infected More than 50% of the European Airport Workstations. Cyber Defense Magazine, Cyber Defense Media Group, Washington DC, USA, 2019.