The importance of cybersecurity in aviation and how to address it successfully

According to a study by SITA, an IT provider for the airline industry, the use of biometric check-in and baggage drop-off, along with the adoption of biometric ID management systems by airlines, will reduce waiting times by up to 60% by 2026.

Benefits like these led airlines to invest $37 billion in IT last year. However, these advantages in customer experience, efficiency, and sustainability are offset by risk. The aviation industry is particularly vulnerable to cyberattacks, and developing a comprehensive and viable approach to cybersecurity is critical. Mindaugas Rainys, CEO of Aerviva, outlines the key challenges that cybersecurity presents for the industry and how companies can address them.

What cybersecurity risks do aviation companies face?

Aviation is vulnerable to cyberattacks from a variety of malicious actors, including hacktivists, hackers, state actors, terrorists, and more. Attackers look for vulnerabilities in a system—such as software, hardware, network connectivity, or people—and then gather information or transmit signals or data, Rainys explains.

The aviation industry has a history of such attacks dating back more than a quarter of a century. In 1997, a teenager exposed a vulnerability in the Worcester, Massachusetts, airport system through a denial-of-service attack. In the past decade, hackers have attacked the computer and communications systems of US airports, disabled flight plans at Warsaw Airport, and shared the credit card and passport data of 9.4 million Cathay Pacific customers. Perhaps most worrying, in 2015, a cybersecurity consultant managed to hack into onboard computer systems to control an engine during flight.

The threat of cyberattacks has been a problem for decades and is becoming more acute with the integration of digital technologies into our sector. Digitalization is having a major impact on customer experience and internal infrastructure. AI and predictive analytics are generating significant results in terms of improved sustainability and operational efficiency, explains Rainys.

This puts pressure on IT systems, especially as passenger numbers increase. According to SITA's Air Transport IT Insights 2024 report, 74% of airlines forecast an increase in total IT spending over the next two years, and 66% cite cybersecurity as one of their top three focus areas.

The unique challenges of cybersecurity in aviation

Focusing on cybersecurity is one thing. Getting it right is another, especially in the aviation sector. "As the ICAO points out in its cybersecurity guidance, it's a highly complex industry with high levels of interconnectivity. This means that even a minor cyberattack can have a massive impact due to its knock-on effects," says Rainys.

The stakes are high. Aviation plays a pivotal role in business and tourism, with entire regions affected by disrupted service continuity. Furthermore, the safety of people and facilities must always be a top priority. “Unfortunately, this combination of interconnectivity and high impact makes aviation a natural target for cybercriminals. Keeping such a complex ecosystem protected is difficult. Meanwhile, attackers only need to find a vulnerability, and increasingly, they can do so using powerful and readily available tools. Therefore, effective cybersecurity in our sector requires a clear strategy, the right technologies, and well-trained personnel,” explains Rainys.

An effective cybersecurity strategy

The ICAO Aviation Cybersecurity Strategy provides a good starting point for formulating your own approach to cybersecurity. It consists of seven pillars, five of which focus on coordination within our sector at the macro level (International Cooperation; Governance; Effective Legislation and Regulation; Cybersecurity Policy; and Information Sharing).

Its final two pillars relate to individual businesses and organizations. "First, there's incident management and emergency planning: this refers to businesses being prepared to effectively manage and quickly resolve cyberattacks. And second, there's cybersecurity capability development, training, and culture. These are the proactive measures taken to ensure attacks don't occur. Based on ICAO guidelines, both EASA and FAA regulations require businesses to proactively assess potential cyber vulnerabilities and take steps to mitigate them," explains Rainys.

To meet these requirements, a solid strategy with the right technology and infrastructure is needed. Companies are already investing, and the global aviation cybersecurity market is projected to reach $6.5 billion by 2028, according to a recent report by the IMARC Group. As for where to focus, the U.S. National Business Aviation Association (NBAA) Security Council recommends that companies assess the risk levels of aircraft and mobile devices based on their location and operation. It also recommends formulating clear policies on how flight data is used, stored, and shared, as well as best practices for device use.

Personnel with cybersecurity knowledge

"Even with the right strategy and technology, if your staff isn't aware of cybersecurity or trained to prevent it, you won't be successful," Rainys argues. "You can't expect everyone in aviation to have the same perspective as a cybersecurity professional, but for businesses, aspects like data security should never be an afterthought," Rainys explains.

Air traffic controllers work with extremely sensitive flight data and must be aware of potential cybersecurity risks. Pilots, on the other hand, must be prepared to deal with in-flight cyberattacks. Aircraft with electric technology offer greater efficiency and comfort thanks to integrated computer networks. However, they also increase the potential risk. Manufacturers such as Raytheon have developed cyberattack warning systems that inform pilots of a cyber intrusion. However, it remains the pilot's responsibility to make the right decision at the time, which means understanding potential cyberthreats is essential," Rainys adds.

Aircraft maintenance specialists must also be trained on the potential risks of cyberattacks, especially in terms of proactive mitigation. Maintenance systems and MRO providers are actively targeted by cybercriminals, as they represent a potential avenue for malware to be introduced into airline IT systems. Furthermore, established companies in the aviation sector, such as Lufthansa Industry Solutions, are developing and promoting solutions that increase cyber resilience, such as penetration testing.

A problem that is going nowhere

Digitalization will continue to increase in the aviation sector, as airports, airlines, and other stakeholders continue to leverage technology to improve efficiency, sustainability, and performance. This year, IATA launched Digital Aircraft Operations, an initiative aimed at supporting airlines in implementing digital solutions in areas such as flight operations, air traffic management, and ground operations.

This continued digitalization will further increase the complexity of our sector, intensifying the need for robust cybersecurity. We must also remember that malicious actors are always looking for new angles of attack, which means sitting idly by is not an option. However, I am confident that we will rise to this constant threat. The aviation sector has undergone a century of rapid change and development, and is more than capable of meeting the constant challenge of cybersecurity. We just need the right strategy and a strong focus on talent,” Rainys concludes.

Source: Aerviva.