Threat Actors’ Attention Sustains Skywards
The aviation industry will continue to soar towards a more connected future. From airline revenue management systems to logistics, these systems balance the needs to generate revenue for the airline, enhance the passenger experience and provide a safe journey.
However, while connected systems promise enhanced efficiency, better passenger experiences, and cost reductions—their connected nature also increase the risk of cyberattacks.
We explore the landscape of these critical sectors and key drivers of increased cyber risks in aviation and airline industries.
Turbulence Ahead: Managing Risks In Aviation
1. Interconnected Systems
While this connectivity enhances the passenger experience, it also presents a significant risks. In 2018, cybersecurity expert Ruben Santamarta demonstrated how bad actors could exploit vulnerabilities in satellite communication (SATCOM) systems used by aircraft for inflight connectivity and navigation. His research, highlighted in a Newsweek article titled "Flight Airplanes Can Now Be Hacked From the Ground," revealed that commercial airplanes could potentially be hacked remotely.
Potential Risks Identified
Infiltration of Peripheral Systems: Threat actors could gain access to non-critical systems, such as inflight Wi-Fi or IFE, and use them as a foothold in order to pivot for broader attacks.
Data Privacy Breaches: Passenger information accessed through loyalty management systems could be compromised, leading to identity theft, loyalty theft or financial fraud.
Disruption of Passenger Experience: Cyberattacks on IFE systems could disrupt entertainment or communication services, impacting customer satisfaction.
Lessons Highlighted
Industry leaders must adopt a multi-faceted approach that balances strategic risk management with partnerships across multiple stakeholders with responsibility and accountability that is clear and intact across the chain.
Conduct regular security audits and stress testing: Conduct frequent cybersecurity, data protection management program audits, incident response tests and for software/networks, penetration tests. These assessments help identify system weaknesses, ensuring that vulnerabilities are addressed before exploited.
Collaborative Security and Standards: Collaborative efforts can lead to the development of industry-wide cybersecurity frameworks and best practices. Include standardizing different cybersecurity requirements into a framework that can be adopted.
Invest in Continuous Training and Awareness: Human factors remain a critical component of cybersecurity. Airlines must invest in ongoing training for staff in technical, front-line and those handling sensitive and personal data.
2. Connection to Cloud-Based Systems
More and more airline data are moving to cloud-based systems (hybrid, private or public) and this includes flight management systems and crew scheduling platforms. While cloud computing offers scalability, it also increases the risk of Data Breaches.
As reported in The Guardian in 2021, a major Geneva based company provider SITA experienced a significant data breach that affected thousands of airline passengers worldwide. Targeting Passenger Service System (PSS), which manages passenger data for approximately 90% of the global aviation industry.
Affected airlines included Singapore Airlines, Air India, and Lufthansa with compromised data primarily involving frequent flyer information. While no financial or sensitive personal data was accessed, the breach underscored vulnerabilities in Cloud-Based Systems, where a single third-party breach can impact multiple carriers across the globe.
Potential Risks Identified
Third-Party Management of Cloud Services: Many airlines rely on cloud infrastructure for managing passenger data, reservations, and loyalty programs. Utilize a TPRM that exclusively handles these risks. Adjust the approach based on data sensitivity levels (and hence, data protection requirements).
Vulnerability Through Third Party Access: Newer incidents underscores how cloud-based systems and remote access by third-party vendors can increase the risk to access interconnected airline networks. Also consider the security posture of the MSP involved, especially around contract negotiations.
Data Breach Impact: Sensitive data of millions of passengers from several airlines, including Singapore Airlines, Lufthansa, and Air India. Although the breach did not involve financial details, it affected frequent flyer program data stored in SITA’s cloud infrastructure.
Lessons Highlighted
Third-Party Security: Airlines must implement stringent security measures for vendors with access to their cloud-based systems, including regular audits and compliance checks.
Data Encryption: Sensitive customer data must be encrypted both in transit and at rest within cloud environments to mitigate unauthorized access.
Incident Response: Airlines must have robust incident response plans to quickly address breaches and mitigate damage, particularly when relying on third-party cloud providers.
3. Use of AI and Automation
Airlines are increasingly integrating AI-driven Customer Service Tools like chatbots and virtual assistants to enhance passenger experience and streamline support. In 2018, Delta Air Lines faced a significant data breach stemming from a vulnerability in a third-party chatbot system. According to Skift, “Delta filed a suit against the Philippines-based vendor. The carrier wants to recover “millions of dollars in costs” it spent investigating the breach, notifying its customers, and paying for free credit monitoring products for affected passengers.”
Potential Risks Identified
Third-Party Vendor Vulnerabilities: Relying on external vendors for critical customer service functions.
Compromised Customer Data: Systems can become targets for cyberattacks aimed at stealing personal and financial data.
Inadequate Vendor Oversight: Dangers of insufficient monitoring and security audits of third-party technology providers.
Lessons Highlighted
Vendor Risk Management: Conduct comprehensive due diligence, regular audits, and implement security protocols for all third-party vendors with access to customer data.
Data Security Measures: Encryption of sensitive customer information and continuous monitoring of AI-driven platforms are essential to prevent unauthorized access.
Incident Response Plans: Airlines should have detailed incident response strategies in place to quickly address data breaches, minimize customer impact, and manage public relations in the aftermath of a cyberattack.
Soar Towards Better Experiences
- Going Beyond Caviar to Secure Cloud Computing
While new innovations in the future of the airline and aviation industries may not promise unlimited champagne and caviar service, your next unforgettable travel experiences does not have to be negatively compromised. The risk in greater opportunities is the risk to potentially open doors to new threats. The SITA data breach and Delta’s chatbot vulnerability are reminders that with great connectivity comes great responsibility. Airlines aren’t just managing planes anymore—they’re managing data, networks, and customer trust.
The journey forwards? A proactive, hands-on approach while continuing to collaborate with continuous digital transformations. To ensure your business remains secure, compliant, and resilient. After all, passengers don’t just trust airlines to get them from point A to point B.
For more insights in Cyber Security, Compliance, Data Privacy and other industries, subscribe to our newsletter and stay updated on the latest trends and innovations.
Stay Connected
Follow us on LinkedIn for updates on Superuser events and latest news!
Have a question? Visit our Services Page for more information, or contact us.
Stay informed about upcoming products and services by registering your interest or subscribing to our mailing list.
