Photo by Shaun Darwood on Unsplash
4,000 passengers were stuck nightly in an Indian airport in May 2019 due to technical issues with the check-in, reservation, and luggage handling systems. Passengers at Bristol Airport in the United Kingdom had to read flight times off whiteboards for two days in September 2018 when the flight information panels went blank.
Regrettably, aerodrome assaults are not isolated instances. “97 of the world’s major 100 airports have security vulnerabilities due to weak online and mobile apps, misconfigured public cloud, Dark Web exposes, or code library breaches,” according to an ImmuniWeb survey. As a result, sophisticated cyber-attacks routinely threaten aviation networks’ data and functioning.
WHAT ARE THE CYBERTHREATS THAT THE AVIATION INDUSTRY FACES?
RANSOMWARE
The virus outbreak involves a cybercriminal encrypting and holding hostage digital assets, such as data or computer systems, and then demanding payment from the victim to restore access. In January 2020, for example, fraudsters broke into the networks of Albany Airport’s third-party contractors and then distributed ransomware to the airport’s administration systems. To re-establish operations, the airport had to pay off the hackers.
INTERNAL SECURITY THREATS
A Heathrow Airport employee constituted a security risk by neglecting to save data in safe forms and then misplacing a USB stick holding sensitive data, which was subsequently discovered by a member of the public. According to reports, the memory stick held information on the Queen’s travels as well as the personal details of around 50 airport security personnel.
SPYWARE, SCAMMING, AND MALFEASANCE
Airport staff and customers may become victims of phishing emails if they click on malicious links. The FBI issued a warning in July 2020 about fake domains that impersonate the websites of American airports. To deceive naïve consumers and merchants, fraudsters might impersonate airport officials or related companies. In 2018, hackers accessed an Australian firm that provides security identity cards to airport workers for access to flights and other restricted airport zones, putting airport security at risk.
ATTACKS ON PAYMENT SYSTEMS
Data breaches account information and other personal information from 500,000 British Airways customers. Such leaks can result in governmental action, reputational harm, and customer loss. British Airways paid £183 million in GDPR fines for weak data protection in the aforementioned instance.
BEST PRACTICES FOR THE AVIATION INDUSTRY AVOID CYBERATTACKS?
On this are five important best practices for airports to boost their security posture and defend their networks against cyberattacks and data breaches.
1. DISPLAY NETWORK TRAFFIC
Aviation security teams want comprehensive visibility into network traffic across on-premise users, endpoints, and apps, as well as cloud workloads. Cyber Aeronautycs provides real-time centralized, granular view into an airport’s important apps and servers, assisting in the detection of suspect connections. Risk measurements and analytics enable network administrators to analyze and enhance security posture continually.
2. USE OF MICRO-SEGMENTATION TO ISOLATE CRITICAL ASSETS
Airports should establish a zero-trust security strategy and micro-segment transactional, application, and passenger database environments. An airport’s infosec team may use Cyber Aeronautycs Ltd to implement micro-segmentation policy templates across its data centers and multi-cloud environment. This protects the network from lateral attacks while also reducing the attack surface without the need for time-consuming firewall setups. The airport can safeguard its crown jewels by requiring zero trust-based access to internal and third-party contractors via a single platform for multi-vendor infrastructure.
3. ENDPOINT SECURITY
Airports should prevent needless data transfer between endpoints and only provide access to vital and sensitive information on a need-to-know basis. They must keep an eye on software, communication networks, and other critical IT areas for any unusual behavior.
Cyber Aeronautycs assists airports in making their terminals and endpoints tamper-proof. Airports may improve security by proactively shutting down check-in kiosks, ticketing systems, building, and video management systems, and airport operational control centers to avoid breaches caused by malware, ransomware, and zero-day attacks. Legacy PCs and unpatched servers can also be safely closed down, even when they are not connected to the internet.
4. SUPERVISE THIRD-PARTY CONTRACTORS AND TRAIN EMPLOYEES
Airports and airlines are required to share data with numerous regulatory and government entities. In addition, they have business partners and third-party service providers who interact with client data. It just takes one weak connection to undermine the entire system. The aviation sector must implement a policy to guarantee that partners and contractors who have access to such data have a strong cybersecurity architecture.
Leadership in data security should make certain that all airport workers and external consultants get cybersecurity and anti-phishing training. The personnel must be aware that they must report emails from unfamiliar URLs and not click on any links or open any files contained in such emails. They should not keep data in unencrypted or insecure formats. USB sticks, external drives, workstations, POS systems, and any other devices should be kept secure and password-protected with strong, often changed passwords.
5. UNINSTALL OUTMODED SOFTWARE AND APPLICATIONS
Airports must maintain all software and apps up to date and deploy applicable security updates as soon as possible. Hackers are continuously looking for flaws through which to launch zero-day attacks. The airport cybersecurity staff must be alert to address any vulnerabilities that are discovered.