The State of Civil Aviation Cybersecurity

5 years ago Anastasios Arampatzis

Technology and cyber systems have become essential components of modern society. Despite the benefit of cyber technologies, insecurities arise. These could affect all systems and infrastructures. More than that, the threat of a cyberattack could very well have a transnational component and effect as worldwide systems become increasingly interconnected.

Civil aviation is mainly reliant on cyber-enabled technology that is used to increase the safety and efficiency of air transport. However, as the aviation industry becomes increasingly digitalized, the interconnectivity of systems and dependence on technology has led to the emergence of new risks. The aviation industry is using a computer-based interconnected system spanning across air navigation systems, onboard aircraft control and communication systems, airport ground systems, flight information systems, security screening and many other technologies that are used on a daily basis and for all aviation-related operations.

The Aviation Cyber Threat Landscape

The aviation digital attack surface continues to grow in such a way that both managing risk and gaining insight into it remain difficult. With emerging technologies like machine learning and fifth-generation (5G) telecommunications experiencing wider adoption—alongside electric vertical takeoff and landing (eVTOL), and autonomous aircraft—aviation cybersecurity risk management is becoming more and more complex. This will inevitably increase the number of aviation actors potentially impacted by a cyber-attack.

The increased attack surface affects all components of the aviation sector: airports, airlines, Air Traffic Control (ATC) centers, supply vendors, and even passengers. To shed some light on the current state of aviation security, ImmuniWeb conducted a study on cybersecurity, compliance and privacy at some of the world’s largest airports. According to the research findings, “97 out of 100 the world’s largest airports have security risks related to vulnerable web and mobile applications, misconfigured public cloud, Dark Web exposure or code repositories leaks.” The only international airports that passed with top grades were Schiphol airport in Amsterdam, Helsinki-Vantaa airport in Finland, and Ireland’s Dublin Airport.

Problems with the airports’ official websites included:

  • outdated web software (97%),
  • known and exploitable vulnerabilities (24%),
  • not GDPR compliant (76%),
  • not PCI DSS compliant (73%), and
  • no SSL encryption or the use of obsolete SSL version 3 (24%).

Furthermore, a test of 36 official airport smartphone apps found that 100% of the mobile apps contained vulnerabilities, with 15 security or privacy issues detected per app on average.

In July 2019, the DHS/CISA issued a warning about an insecure implementation of CAN bus networks, the protocols which allow the various devices within planes, cars and other machines to communicate with each other. The vulnerability could allow bad actors to inject false data into the aircraft. By physically tapping into the CAN bus system, an adversary could alter numerous aircraft measurements including engine telemetry readings, compass and attitude data, altitude and airspeed, according to CISA.
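
The injection risk described above follows from classic CAN frames carrying an identifier and up to eight data bytes but nothing that authenticates the sender; the Python sketch below is an added example (not from the original article or from CISA) that contrasts a receiver trusting any well-formed frame with one that checks a truncated HMAC and a freshness counter. The arbitration ID, key, frame layout and class names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed sample key, not a real secret
AIRSPEED_ID = 0x120             # hypothetical arbitration ID for an airspeed frame
TAG_LEN = 4                     # truncated MAC so the frame fits 8 data bytes

def tag(key, can_id, counter, payload):
    """Truncated HMAC-SHA256 over ID, freshness counter and payload."""
    msg = struct.pack(">IH", can_id, counter) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def build_frame(key, can_id, counter, value):
    """Sender side: 2-byte value + 2-byte counter + 4-byte tag."""
    payload = struct.pack(">H", value)
    return can_id, payload + struct.pack(">H", counter) + tag(key, can_id, counter, payload)

class PlainReceiver:
    """Classic CAN behaviour: any well-formed frame with the right ID is trusted."""
    def accept(self, can_id, data):
        return struct.unpack(">H", data[:2])[0] if can_id == AIRSPEED_ID else None

class AuthReceiver:
    """Accepts a frame only if its tag verifies and its counter is fresh."""
    def __init__(self, key):
        self.key, self.last_counter = key, -1
    def accept(self, can_id, data):
        if can_id != AIRSPEED_ID or len(data) != 8:
            return None
        payload, counter = data[:2], struct.unpack(">H", data[2:4])[0]
        if counter <= self.last_counter:
            return None                      # replayed or stale frame
        if not hmac.compare_digest(data[4:], tag(self.key, can_id, counter, payload)):
            return None                      # sender does not hold the key
        self.last_counter = counter
        return struct.unpack(">H", payload)[0]

def demo():
    genuine = build_frame(KEY, AIRSPEED_ID, 1, 250)
    # Frame placed on the bus by a device without the key (constructed sample).
    injected = (AIRSPEED_ID, struct.pack(">HH", 90, 2) + bytes(TAG_LEN))
    plain, auth = PlainReceiver(), AuthReceiver(KEY)
    # Order: plain/injected, auth/genuine, auth/injected, auth/replayed genuine
    return (plain.accept(*injected), auth.accept(*genuine),
            auth.accept(*injected), auth.accept(*genuine))

if __name__ == "__main__":
    print(demo())
```

The 16-bit counter and 4-byte tag are sized to fit the 8-byte data field of classic CAN; a fielded design also has to handle counter rollover and key provisioning.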

In the past, airports have suffered ransomware attacks, incidents in which hackers stole building plans and sensitive security protocols, conducted DDoS attacks, and even produced data leaks at boarding gate displays.

Finally, after running penetration tests on many Air Traffic Management systems, EUROCONTROL found that most of its subjects were vulnerable. According to its think paper, senior management, technical staff and system designers need to move away from the illusion that their systems could survive a cyber-attack because “nothing” happened in the past.

“The challenge now lies in making aviation systems/services progressively more and more cyber-resilient while remaining safe and cost-effective,” concludes the EUROCONTROL paper.

Challenges Towards Cyber Resilience

Aviation is considered critical infrastructure in both the United States and the European Union. One key characteristic of the aviation industry is the high level of interdependency between the various sectors of activity (airports, air navigation services, airlines, etc.) and interconnectivity with related systems (maintenance services, network connectivity services, fuel distribution systems, etc.). One incident at any point in this value chain can have severe consequences in other areas.

During the 2020 annual meeting, the World Economic Forum (WEF) urged the consideration of emerging cybersecurity challenges in the aviation industry, as addressed in its “Advancing Cyber Resilience in Aviation: An Industry Analysis” report. The report findings indicate that the aviation industry will likely experience cyber risks similar to those of other industries grappling with new levels of digitalization and connectivity.

“Technology and digitization not only bring many advantages, but also risks associated with the challenge of finding and managing cyber vulnerabilities across complex, international operations from airports, aircraft operators, Air Traffic Management, and supply chain,” reads a paper by IATA.

This complexity makes the aviation industry vulnerable to hidden cyber risks and ever-increasing threats. According to a recent report by Atlantic Council, the airline industry is an attractive target for many cyber threat actors with diverse motives ranging from financial gain to disruption and harm to unintentional motives related to human error.

Due to their complexity, cyberattacks on the aviation sector may be more difficult to detect and control and may generate cascading effects resulting in economic loss, industrial disruption and, in some cases, human casualties. The impact of such cyberattacks could be severe in the absence of adequate cybersecurity and resilience measures and capabilities.

Management of aviation-cybersecurity risk remains challenging, says the latest report on aviation cybersecurity from the Atlantic Council. The report has identified several challenges that need to be addressed. The first set of challenges involves issues in trying to integrate aviation cybersecurity into flight safety, security, and enterprise IT, which all are subject to well-established governance and accountability frameworks.

The second set of challenges is related to the cybersecurity posture of aviation suppliers and customers. According to the Atlantic Council, many suppliers find it difficult to incorporate best practices into purchases. There are also difficulties in developing consensus on adequate cybersecurity risk management and transparency.

Information sharing is another area where there is still much work to be done. Managing aviation cybersecurity requires making thoughtful choices from a clear and well-informed understanding of risk. Information sharing is closely related to the need for objectivity regarding the qualification of aviation cybersecurity risk either through independent assessment or agreement among aviation stakeholders.

Although the aviation sector rigorously works to anticipate, mitigate, and objectively investigate failure through both its designs and its training practices, incorporating cybersecurity into the sector’s culture remains a challenge. There is very little operational training (for pilots, air-traffic controllers, etc.) to either recognize or manage aviation-cybersecurity incidents.

Finally, although aviation operations are inherently resilient, disruptive attacks at scale will prove challenging to manage. Attacks against data integrity will undermine the ability of aviation operators to conduct safe operations. Working through these issues will require an increased effort to understand the cybersecurity aspects of everything from normal operations and procedures to post-accident and incident management.

“The aviation industry today is realizing a future in which drones deliver packages to the doorstep and a daily commute means flying over traffic. As industry and government work together on strong policy and regulations, industry consensus standards will bring us closer to that future,” concludes the World Economic Forum analysis on aviation cyber resilience.

Cybersecurity Strategy and Standards

Aviation cybersecurity should be led globally. As national, regional, and organizational efforts are underway to improve aviation cybersecurity, there is a growing risk of adding complexity across the landscape of regulations and best practices. All regions deserve the tools to improve, and any new body of standards must be harmonized across complex global supply and operations chains.

ICAO promotes this from a capacity-building perspective with a tagline of “No Country Left Behind.” The 40th Session of the ICAO General Assembly adopted its first Cybersecurity Strategy relating to aviation in October 2019, stating the following vision.

“ICAO’s vision for global cybersecurity is that the civil aviation sector is resilient to cyber-attacks and remains safe and trusted globally, whilst continuing to innovate and grow.”

The ICAO vision highlights the key challenges facing the sector. The importance of resilience sits alongside the need for safety and maintaining trust while fostering growth and innovation.

The publication of the first Aviation Cybersecurity Strategy by ICAO is a critical first stage in building global coherency. Additionally, the publication of the European Strategic Coordination Platform Strategy for Cybersecurity in Aviation is a significant step forward at a regional level, alongside national efforts such as the UK Aviation Cybersecurity Strategy.

From an aviation cybersecurity standards perspective, there has been significant activity by both the European Aviation Safety Agency (EASA) and the US FAA. Since the end of 2019, the only way that aircraft, aviation systems, engines, etc. will be able to achieve airworthiness certification is to comply with the recently updated DO-326 and ED-202. These new regulations are considerably more detailed and comprehensive in their approach to the management of cybersecurity risk.

Additionally, a new initiative of the US Department of Homeland Security (DHS) in partnership with the U.S. Air Force (USAF) will increase the scrutiny of aircraft cybersecurity. Following the publication of the U.S. National Strategy for Aviation Security, the Aviation Cybersecurity Initiative (ACI), chaired jointly by CISA, the Department of Defense, and the US Department of Transportation, aims “to reduce cybersecurity risks and improve cyber resilience to support safe, secure, and efficient operations of the nation’s aviation ecosystem” by conducting vulnerability assessments of aircraft as a means to better understand and mitigate risk.

The Way Ahead

With the publication of the ICAO Cybersecurity Strategy, there is now a vision for how aviation cybersecurity can advance globally. To coherently gain insight, understand and manage aviation cybersecurity risk as well as bring swift, globally aligned, and effective change, all aviation stakeholders—including states, international bodies, regulators, manufacturers, and service providers—are strongly encouraged to act in unison and support the new ICAO Cybersecurity Strategy. The Strategy’s aims will be achieved through a series of principles, measures and actions contained in a framework comprised of seven pillars:

  1. International cooperation
  2. Governance
  3. Effective legislation and regulations
  4. Cybersecurity policy
  5. Information sharing
  6. Incident management and emergency planning
  7. Capacity building, training and cybersecurity culture

Although progress is being made, significant challenges remain with regards to both gaining insight into aviation cybersecurity risk and globally managing it. Cultural change to better manage these cybersecurity challenges requires strong leadership and time. Measures must be taken to accelerate this process of improvement, increase transparency and trust as well as develop objectivity and collaboration.

There is no single solution to aviation cybersecurity, and it will take positive collaboration across diverse stakeholders. Along with all this effort, it must be remembered that the aviation sector is a global one. Improving aviation cybersecurity will be a journey, and bringing along all stakeholders is essential if global, systemic risk is to be reduced.

The post “The State of Civil Aviation Cybersecurity” appeared first on TripWire.

Source: TripWire – Anastasios Arampatzis
