The airline business is unique. While public perception about aviation is that of a luxury business; the business world sees it as a financial behemoth reeling under debt burdens. Only people from the aviation industry and a few from the security industry understand that Airlines can be sitting ducks for cyber crimes. Even fewer realize that the more modern the airline, the higher is the risk of a cyber attack on it. The threat is not localized to a single aircraft, or an airline or just an airport but due to the very nature of operations of this industry, it expands to all interconnected touchpoints, increasing the magnitude of risk.
What is the risk?
The aviation industry is a treasure-trove of data, withholding sensitive information about passengers, airline operations, airports, cargos and much more. We understand that sectors which hold large volumes of data, especially confidential data, are more prone to cyber attacks and this makes aviation sector highly vulnerable to cyber threats.
Prima facie, the aviation industry encounters two kinds of cyber risks. First, is the risk of data theft and the other is that of data corruption. While both can be damaging, the latter is far more dangerous and can have a devastating impact. Further, the risks due to phishing, jamming remote hijacking, DDoS and botnet attacks also holds equally true for the airlines.
Data theft leading to identity theft is the most prominent risk that the aviation industry faces. Data loss or corruption because of a cyber breach could mean losing passenger’s personally identifiable and financial information like credit card details used to book the flights. Not just that, a cyber attack could corrupt your data like privilege member details, kind of privileges to your customers, loss of frequent flyer miles, alter check-in baggage ids or alter the aircraft boarding details. These are just a few of the examples that can cause operational disruption, loss of business and loads of embarrassment. There are also scarier instances that can shake up the entire industry.
A couple of years ago, it was proved by a hacker that the passenger planes could be hacked using onboard Wi-Fi. Though the credibility of the scenario in real world was doubted, but it does force us to think of other risk sources or loopholes that we may be unaware of or casually ignoring.
Sources of risk
The aviation industry gives ample attention to the terms ‘safety’ and ‘security’. The airlines use IT for almost all of their operations; be it on the ground or in the air and thus are equally prone to cyber threats. A few, though less obvious, channels of cyber risk include the following:
Communication: Airlines use digital communication channels to communicate between aircraft and ground crew, air traffic control tower, company headquarters, and the flight trackers that keep a constant watch on the location of an aircraft mid-flight. These communications include audio and as well as data (flight data). The onboard computers use this data to calculate their flight paths, control the aircraft mid-air amongst many more aircraft related operations. Both these channels are digital and susceptible to break-ins and ‘hacks’.
In-flight entertainment: All long-haul airlines offer some in-flight personal entertainment system (PES). These are integrated with flight’s computer systems for control and passenger announcements. PES carry a bunch of entertainment content in audio and video format. All of them are sourced from external vendors and are a potential source of ‘digital infections’ (viruses and malware). These infections can leak into a flight’s computer; corrupting it.
Ground operations: Ticketing systems, check-in counters, cargo terminal equipment, baggage handling equipment, etc. are operated by computers that are connected via the Internet. Any one of them getting affected can potentially affect the entire corporate network. More importantly, a malware infecting airport security, airport infrastructure control (air bridges, conveyors, etc.), Air Traffic Control and ground movement control can lead to a total shut down of the airport.
The industry requires a coordinated effort to secure the IT infrastructure. A data breach at any point can bring the whole industry down to its knees.