Travelling via air has always been the most preferred and
fastest option available to us at any given time but have we ever given a
thought whether it is the safest in every context technical and cyber?
Never mind the
technical mishaps that happen when least expected the accidents that occur are
rare but shocking and terrible but are we aware of the dangers related to flying
in the light of cyber security?
As we probably are aware, cybercriminals are driven for the
most part by their thirst for money and power—and disturbing the air traffic
and airport regulation helps they satisfy it. While the dominant part of these
cyber security occurrences result in data breaks, but: Attacks on this
imperative framework could prompt significantly more inauspicious outcomes.
Associations like the ATO and EUROCONTROL deal with the air
traffic across continents, connecting with business and military bodies to
control the coordination and planning of air traffic in their assigned region.
These associations work firmly together, as there are numerous intercontinental
flights that move across from one area then onto the next they respond quite
rapidly to such episodes.
These Aviation control organisations require immaculate
correspondence to work legitimately, as they are essential to keeping up the
normal stream of air traffic.
Along these lines, their related frameworks are
intensely computerized which makes them the primary targets for the said
cyber-attacks.
However apart from Air Traffic there are a lot more factors
as well that have a specific negative effect on the transportation service.
Some of the major ones being terrorist attacks, ransomeware attacks, targeted cyber-attacks
in addition to the budget concerns.
Terrorists have hijacked Aircrafts before, the most known
incident being 9/11, where the terrorists infiltrated onto four different air
crafts, disabled the pilots. Anyway these physical, in-person hijacks are the
reason behind the broad safety measures that we all experience at each major
air terminal.
Despite the fact that these hijackers don't need to be
physically present to cause such immense harm. As exhibited before, air crafts
can be hacked remotely and malware can contaminate computer frameworks in the
air crafts as well.
What's more, similar to some other industry, we likewise
find numerous ransomware victims in the avionics and air traffic sector. The
most popular one being air and express freight carrier FedEx that surprisingly
has been a ransomeware victim twice: once through their TNT division hit by NotPetya,
and once in their own conveyance unit by WannaCry.
When turning towards targeted cyberattacks the most fitting
precedent is that of the IT system of Boryspil International Airport, situated
in the Ukraine, which purportedly incorporated the airport's air traffic
regulation system. Because of rough relations among Ukraine and Russia,
attribution immediately swerved to BlackEnergy, a Russian APT group considered
responsible of numerous cyberattacks on the country.
Lastly, "Where
budgets are concerned, cybersecurity is treated reactively instead of
proactively.”
In 2017, the Air Traffic Control Aviation (ATCA) published a
white paper issuing this warning as in a 2016 report by the Ponemon Institute
discovered that the associations did not budget for the technical,
administrative, testing, and review activities that are important to
appropriately operate a secure
framework.
Bearing these factors in mind while the physical security on
airports have been increased fundamentally, it appears that the cyber security
of this essential framework still needs a considerable amount of work and
attention, particularly remembering the sheer number of cyber-attacks on the
industry that have occurred over the most recent couple of years.
The excrement will undoubtedly hit the propeller if the air
traffic and cargo enterprises yet again fail to incorporate cybersecurity in
their financial plan and structure propositions for the coming year.