Aviation Security
One of the biggest issues facing the airline industry today, one that is becoming increasingly prominent, is the threat of cyber security. Technological advances have come a long way and have revolutionized the aviation industry. This has paved the way for more efficient operations. These improvements entail making travel better for passengers, safety and security, innovations for flight, aircraft technology, automation and data exchange, business and operational management, and cloud computing. With all of this in mind, there is now an increased emphasis on improvements in the cybersecurity sector. Data gathered by Resilinc’s EventWatchAI – an AI-powered supply chain risk monitoring system – revealed a 24% YoY increase in the number of cyber attack alerts across all industries it monitors in the first half of this year. And the aerospace industry, specifically, saw an even more alarming jump of 64%. In fact, aerospace was the fifth largest industry impacted by cyber attacks in all of 2022. (Hardy, 2023)
Several high-profile cyber attacks on airports have been carried out globally in the last few years. (Hardy, 2023) The systems of Pilot Credentials, a Texas-based company that manages pilot recruitment portals for multiple airlines, were breached by an unauthorized actor on or around April 30, 2023, according to data breach notifications the airlines filed in Maine last. The data breach was discovered on May 3, 2023 (Kapko, 2023b) This breach affected American Airlines and Southwest, with the perpetrator stealing 5,745 applicant government IDs from American Airlines and 3,009 from Southwest. American Airlines later stated that no customer or team member data was affected, while Southwest stated no network systems were affected. A month later, American Airlines was struck by another cyberattack, having 1700 employees' personal information stolen. These incidents are very troubling, and the airlines must address this by prioritizing cybersecurity.
Airlines can begin to improve cybersecurity by increasing and strengthening the layers of cybersecurity. Unfortunately, humans are the weakest link in any cybersecurity strategy and are responsible for 90% of data breaches. Mission-critical assets are protected from a variety of human threats, such as cybercriminals, malevolent insiders, and careless users, by human security controls including phishing simulations and access management rules. (7 Layers of IT Security, 2023) By strengthening the human aspect and the other levels of IT security, including mission-critical assets, data, applications, endpoint, network, and perimeter security, airlines will make travel and data safer for all passengers and employees.
References
Pereira, B. A., Lohmann, G., & Houghton, L. (2022). Technology trajectory in aviation: Innovations leading to value creation (2000–2019). International Journal of Innovation Studies, 6(3), 128–141. https://doi.org/10.1016/j.ijis.2022.05.001
Hardy, E. (2023, October 4). Safeguarding supply chains - AIR CARGO WEEK. AIR CARGO WEEK. https://www.aircargoweek.com/safeguarding-supply-chains/
Case study: Cyberattacks in the aviation industry - Techforce. (n.d.). Techforce. https://techforce.co.uk/blog/2023/case-study-cyberattacks-in-the-aviation-industry---risks-and-remedies#:~:text=For%20airlines%2C%20cyberattacks%20can%20lead,with%20more%20robust%20security%20measures.
Kapko, M. (2023, June 27). Cyberattack exposes data on nearly 9K American and Southwest Airlines pilot applicants. Cybersecurity Dive. https://www.cybersecuritydive.com/news/american-southwest-pilot-candidates-data-exposed/654080/
7 Layers of IT security. (2023, March 15). GeeksforGeeks. https://www.geeksforgeeks.org/7-layers-of-it-security/
Comments
Post a Comment