Aviation Security – The Cyber Perspective

By November 11, 2014 Aviation Security, Cyber Security

Lawrence DietzCyber security is an all-engulfing term that has different meanings depending on the context. For example: cyber security in the utility industry is not like cyber security in the legal profession, just as cyber security in the aviation sector has yet a different and unique profile that requires special scrutiny. This is why it is important that you have something like a fortinite upgrade path to help you with your firmware updates. Maybe considering some Azure performance monitoring tools could assist in idenifying these threats sooner.

Criminals, including those in the cyber realm, also come in many stripes. Some are motivated by greed, while others, such as terrorists, are driven by beliefs and ideologies. Aviation is a prime target for both types of criminals and involves threats from both as well as potential threats from nation states in time of war which is why effective security and vulnerability management is absolutely essential.

There are several reasons why aviation is such an attractive target to a wide spectrum of criminals, including cyber criminals:

  1. Organizations and individuals associated with aviation have significant assets, some of which are stored and transported digitally.
  2. Aircraft, avionics and other aspects of aviation are big business and unscrupulous individuals may be seeking to learn trade secrets or to obtain other intellectual property that may give them an advantage in the market place.
  3. As we saw on 9/11, unfortunately, aircraft may be turned into weapons.
  4. Aircraft are also good targets for terrorists because they can generate mass casualties, terrorize many people, and garner significant press coverage.
  5. UAVs (drones) are becoming more common and are therefore increasingly more open to a variety of exploits as well.

It is clear that threats to aviation go beyond merely stealing Personally Identifiable Information (PII) or credit card related data.

To make the situation even more complex, the aviation ecosystem is comprised of many diverse sectors, each requiring a different approach from a cyber security perspective.

These sectors include:

  1. Passengers
  2. Cargo
  3. Command & Control (Military)
  4. Maintenance & Supply
  5. Fuel
  6. Airports
  7. Air Traffic Control
  8. Aircraft
  9. IT infrastructure:
    1. Hardware
    2. Software
    3. networks
  10. Regulations:
    1. National
    2. International

Before we search for specific security solutions to the aviation cyber security issues, we should answer some basic and detailed questions that will help guide our decision-making.

At the strategic level, the unique structure and safety and security aspects of the sectors within the aviation industry pose a set of challenging questions.

The most central of these questions are:

  1. Do we seek to safeguard all systems, or do we prioritize to make proper use of available resources?
    • The answer may appear intuitive: all systems have to be inspected, monitored and audited. The ramifications of such a decision are significant, both in economic and operational terms.
  2. Do we focus on searching for the weak links, or do we focus on trying to prevent harm to life and property first?
    • Here again, the answer appears to be intuitively clear: prevention of harm to life is always the first priority. And again, we have to be mindful of the economic and operational ramifications of such a decision.

Now that we have approached the big questions, let’s look a little deeper.

For example:

  1. Given the diversity and complexity of the aviation industry, is it important and practical to try to share threat data and intelligence among all the industry participants and stakeholders?
    • As in other industries, information sharing is key to threat mitigation. However, given the size, complexity and potential conflicts within the aviation industry, there are very likely some practical or legal roadblocks to such necessary cooperation. This means that careful thought and planning should go into such a step, before it is attempted.
  2. For example, perhaps it would be appropriate for each major industry segment to have a focal point for coordinating intelligence and data such as the Industry Sharing and Analysis (ISAC) found in other industries. Are there obstacles to this collaboration? If so, what are they?
    • There are several obstacles to collaboration; among them:
      1. Organizations are hesitant to report compromises because it may diminish their value.
      2. Commercial entities don’t want to cede any proprietary advantage to their competitors.
      3. In some industries there are concerns about anti-trust or other relevant regulations.
      4. Laws restricting the flow of data or information may hamper international cooperation.

Taking this consideration a step forward, it seems that, given the complex nature of the aviation industry, a vetted, objective, third party organization, could be a logical choice to providing situational awareness and analysis of available threat information. Here again, there are very significant economic and operational aspects to consider on the road to implementing such a policy.

So what can we do to protect such a complex, diverse and critical industry?

Aviation Cyber Security Recommendations

Given such an obvious level of complexity, we have a few specific initial recommendations:

  1. Adopt a holistic approach – dedicate attention to each part, but always keep in mind the complex totality that must interact seamlessly for the whole thing to succeed.
  2. Strive for the application of an “All Source Intelligence” approach and methodlogy to detect threats, including threats to:
    1. People
    2. Electronics
    3. Infrastructure
  3. Opt for a Layered Security approach – this will go a long way towards mitigating exposed vulnerabilities
  4. Insist on mandatory multi-factor authentication
  5. Consider choosing proper Biometrics
  6. Advocate and practice aggressive information sharing across stakeholders
  7. Ensure the existence and readiness of a robust Contingency Planning & Testing of Plans
  8. Establish and practice the implementation of pre-established incident response policies, procedures & teams

This is just a preliminary attempt to explore the special needs, drivers and inhibitors associated with providing appropriate cyber security protection to aviation security. We invite you to add to the discussion and to help take this process in the direction towards increased and improved security – digital and physical – for all sectors of the aviation security.

© TAL Global, 2019