In a world that's becoming increasingly reliant on technology, cyber security is more important than ever. Most industries depend heavily on computers, which can be hacked, and aviation is no different. With millions of passengers flying every day, aviation security is a top priority.
Despite the impenetrable front they would like to display, no company is immune to cyber attacks; not even governments. A few years ago there was a blackout on many Canadian government websites when a cyber attack left the system vulnerable. The impact of these attacks can be massive on the economy; a presentation at an RSA Conference estimated that a 7-day shutdown on the US commercial aviation system could impact it to the tune of $13.5 – $21.3 billion.
Bob Gourley, a cyber security expert from Cognitio, predicts an increase in aviation cyber attacks as the industry continues to expand. “Attacks against the aviation industry are occurring on a daily basis”, says Gourley. “We can expect that as connected aircraft grows in popularity there will be more and more attacks there too.”
The Role Of The FAA In Combating Cyber Attacks
With safety and efficiency in mind, the US Federal Aviation Administration (FAA) has announced a new industry working group to protect air transport and tackle cyber terrorists.
A number of organizations, which are dedicated to the security of the aviation industry, already exist. The Aviation Rulemaking Advisory Committee (ARAC) and the Aeronautical Radio Incorporated (ARINC) offer guidelines on protecting civil aviation but don't specifically outline the FAA’s role in cyber threats within the US National Airspace System. This new set of codes and regulations will be more objective and offer more systems and data for identifying and reacting to cyber threats, which can be a tricky area to prepare for by their very nature.
The Growing Threat Of Cyber Security In Aviation
There are many aspects about cyber attacks that make them incredibly hard to combat. They can be executed from anywhere, at any time, and they are invisible.
They evolve every day, and there is little to suggest that a carefully constructed attack is being developed until it is already happening. Chief Technology Officer of Resilient Systems, Bruce Schneier has voiced similar concerns about how rapidly developing technology creates rapidly developing cyber criminals:
“Today’s top-secret National Security Agency programs become tomorrow’s Ph.D. theses and the next day’s hacker’s tools”, writes Schneier. “What this all means is that we have to start thinking about the security of the Internet of Things–whether the issue in question is today’s airplanes or tomorrow’s smart clothing. We can’t repeat the mistakes of the early days of the PC and then the Internet, where we initially ignored security and then spent years playing catch-up. We have to build security into everything that is going to be connected to the Internet.”
Given the remarkable technological development of the last several decades, the aviation industry has taken a gradual shift to become much more reliant on the internet and computer-based systems. On-board aircraft control, air navigation systems, security screening, and even daily office management are all based around effective, fully functional technology services. We have reached a stage where it’s impossible to imagine how today’s airports would operate without this technology, and this is exactly what is being addressed.
Ground Based Networks Maybe At Greater Risk Than Aircraft
It may come as a surprise to learn that there is perhaps a bigger possibility of cyber threats to ground-based networks than the aircraft themselves. Given the fact that they are constantly traveling at high speeds and crossing various international territories, it would be a fair assumption that aircraft are more vulnerable to hackers than the firmly based traffic control centers which are entrusted with the task of helping pilots navigate to their destination safely.
However, this is not the case. Whilst this does not necessarily mean that ground-based networks are at risk per se, the fact is that aircraft have a number of sophisticated security measures in place which help make them even more secure. For instance, there are clear security systems in place regarding the use of internet data on aircraft.
Cyber Security in Civil Aviation Is Under Control But More Needs to Be Done
There is a great deal of exaggeration in the media regarding the massive flaws in civil aviation security yet there is very little documented evidence to support these fears. In records to date, there is not one instance in which ground systems or flight control has been hijacked whilst in flight.
Michael Huerta, Administrator of the FAA, has nonetheless stressed the importance of staying ahead of the threat of cyber terrorism within the aviation sector:
“One of the things that is absolutely critical is to have very robust mechanisms for information sharing among regions including threats, potential incidents and mitigations,” said Mr. Huerta. “The specifics of the cyber threat require us to be sharing on a broader scale than we have done in the past.”
This indeed looks to be the strategy of tackling cyber threats in the aviation industry, for the immediate future at least. A more defined reaction to any degree of threat that is implemented across a multitude of international territories will only result in prolonged safety for passengers of aircraft the world over.