Airport security is a growing concern as they are increasingly getting exposed to a wider range of technology. The increasing reliance on digital systems means that not only airports but air traffic control systems and aircraft become more vulnerable to cyberattacks.

A cyberattack on an airport system could affect the entire operation, impacting security checks, exposing passenger data and much more. Only 30% of airports and 35% of airlines say they are prepared to counter any kind of cyber threat. Although 95% of airlines plan to invest majorly in their cybersecurity program, things have to move beyond the plans on paper.

Cybersecurity at airports

With weak cybersecurity at airports continuing to move towards a digital, more connected future, cybersecurity threats are likely to become more common. Airports will need to create comprehensive plans for the detection, identification, protection, and monitoring of these threats.

A key component of creating these plans would include assessing vulnerability using penetration testing to establish real-world risks. Appropriate risk management programs, ongoing internal education, and training concerning security policies and protocols would be critical.

Bristol Airport Cyber Attack

In September 2018, Bristol Airport, UK’s ninth largest airport, took applications offline as a precautionary measure due to a cyber attack on their administration systems. Flights were not affected, but whiteboards and markers had to be used in place of display screens. Additional staff was brought in to help passengers. The cyberattack appeared to be more opportunistic than targeted, but it still causes concerns about the damage such attacks could cause if they were more targeted.

How secure is your aircraft?

When it comes to aircraft, the Federal Aviation Administration believes that today’s aircraft are not vulnerable to attacks from cybercriminals. The U.S. Government accountability office keeps warning that regulators and the industry must step up efforts to guard against cyber attacks as the increased use of connected technologies creates more significant risks.

The Department of Homeland Security (DHS) believes some of the aircraft still in use today do not have enough cybersecurity protection and that the threat of a remote cyberattack on an aircraft is real. In September 2016, a cyber attack occurred on a Boeing 757 parked in the airport at Atlantic City, New Jersey.

Nobody touched the plane itself – the attack occurred via radio frequency communications. Robert Hickey, aviation program manager for the Cyber Security Division of the DHS Science and Technology Directorate and his team were responsible for the attack. Hickey said they were able to establish a presence on the systems of the aircraft. Essentially the DHS airplane hack was “pen testing” or simulating an attack on a computer system to identify its strengths and weaknesses. Boeing responded to the attack with a lengthy statement and, in conclusion, said that its cyber-security measures met or exceeded all applicable regulatory standards.

When considering this Boeing plane hack, we need to take into account that the 757 is less networked than many more modern planes. It has been 15 years since a Boeing 757 was last built, and major airlines still fly this aircraft with its twin engines and narrow body. President Trump owns a 757, and the official jet of the vice president is a Boeing C-32, a version of the 757. A modern aircraft has hundreds of loadable software components delivered wirelessly compared with the 757s, which have few software parts. Modern planes have many potential entry points, and 757s only have a few.

How does a flight get hacked?

The greatest vulnerability of commercial flight is the age of most planes. Their systems and infrastructure are outmoded. Within every plane are wireless connections that control virtually everything. Separate domains are interconnected, and it’s the connections between the domains that are vulnerable. The possible type of attacks could include remote hijacking, injecting a “ghost” flight into the air-traffic radar, jamming wireless communication between ground and plane and introducing malicious software to attack the supply chain.

Gaining access through the entertainment system?

In 2015, hacker Chris Roberts claimed to have hacked into flight controls through the entertainment system and made a plane fly sideways for a brief moment. Doubts persist over this claim because no charges were brought. Aircraft manufacturers insist that multiple layers of protection are designed to stop such intrusion, including software, hardware, and network architecture features. They say that critical flight systems cannot be accessed via non-critical systems.

Hacking into the Wi-Fi system

Nevertheless, the possibility still exists of a hacker remotely hacking into the WiFi system on a flight to create panic. Cybersecurity expert, Ruben Santamarta, says he has proved that a hacker can access onboard WiFi via a satellite link to interfere with internet-enabled devices used by crew and passengers. The good news is that he was unable to hack into the cockpit systems.

5G services increase risks

Historically, all data stayed on the plane, but with 5G services, data will be taken off the plane, processed and brought back on board, creating an open system and an opportunity for hackers.

It may not be possible yet for cyber criminals to remotely control an aircraft, but the U.S. Department of Homeland Security believes it’s just a matter of time before this happens. Aircraft manufacturers are not unaware of the risks of a flight being hacked and continually evaluate their systems for hazards and look at ways to mitigate them because passenger safety is at the core of their business.

How do we protect aircraft from cyber threats?

At present, there is an absence of a unified approach to aviation cybersecurity threats. Accelerated collaboration across all the stakeholders, including the aviation industry, government sectors, and independent experts, needs to take place. More stringent industry regulations with updated cybersecurity protocols and policies are urgently needed.

One step would be to make every aircraft’s integrated system go through third-party penetration testing to unearth risks that automated vulnerability-scanning tools could miss. The problem is that a skills gap exists, and there are not enough aviation experts who can conduct pen testing. This could prevent change from taking place at a fast enough rate.

Why is cyber safety important at airports?

More than any other industry, safety is an overriding imperative in aviation. Technological advances create more vulnerability, and steps need to be taken to increase cybersecurity at airports, in air traffic control systems, and on aircraft. Updated cybersecurity measures are necessary, and more collaboration is needed between all stakeholders. More emphasis also needs to be placed on training and education in cybersecurity protocols and procedures.