With the increasing digitalization of airports, the use of cloud, blockchain, AI and big data technologies is becoming more common. Although these technologies provide greater efficiency and customer satisfaction, they call for institutionalization of enhanced cybersecurity practices.
Industry threat actors are collaborating with nation-state actors to monitor and subvert other nations’ capabilities and steal intellectual property. In 2018, the Russian APT28 group launched a cyberattack that disrupted Sweden’s air traffic control functions, resulting in hundreds of flights being grounded for a week. In another instance, passengers at Bristol Airport in the UK had to read flight schedules from whiteboards for two days as flight information screens went blank due to a cyberattack.
Unfortunately, these attacks are not isolated. A recent third-party study found that more than 95% of the world’s 100 largest airports have vulnerabilities and risks in their technology systems, putting their applications, data and operations at risk from cyberattacks.
As the aviation industry embraces technology and processes to provide a better customer experience in a reliable and sustainable manner, it is imperative to take a risk-based approach to designing protection strategies against cyber threats. The increasing complexity of cyberattacks requires regular assessment of the cybersecurity posture and identification of associated vulnerabilities to proactively address them. The goal is to predict the behavior of unknown attacks and build models to prevent them. This will require a new generation of managed, comprehensive detection and response services, where the organization is monitored and managed 24/7 by a combination of best-in-class technology solutions, mature and advanced processes, and a team of seasoned and trained threat hunters and analysts.