How Cyber-Security Is Impacting The Aviation Industry


Over the last two decades, we’ve witnessed serious cyber attacks on large corporations, governments, critical infrastructures of all kinds, and small and medium-sized enterprises across the world. Just a few months ago, for instance, Amnesty International’s Hong Kong office announced it had been the victim of an attack by Chinese hackers who managed to access the personal information of the office’s supporters. And, just before that, U.S. officials reported that at least 27 universities in the country had been targeted by hackers as part of a strategy to steal researches on naval technologies.

These attacks are now starting to show signs of targeting the aviation industry. Although there hasn’t been a widely publicized ransom-ware-style attack on any of the major airlines, experts believe aviation players must be prepared for similar cyber-attacks that other industries have experienced.

The Cathay Pacific Attack - A Timely Reminder of What Could Go Wrong

The Cathay Pacific cyber attack of 2018 is a classic example of what could go wrong when hackers penetrate an airline’s computer system. In October 2018, Cathay Pacific, a partner of British Airways in the Oneworld Airline Alliance, was hacked, with the hackers accessing personal information of 9.4 million customers. This, by far, is the biggest cyber breach in the aviation industry to date. Following the breach, Cathay Pacific’s share prices dropped to a low that they had not seen in nearly two years, shaving $201 million off the airline’s market value.

According to a statement by Cathay Pacific, the cyber hack resulted in the exposure of; names, nationalities, dates of birth, emails, physical addresses, telephone numbers, numbers of passports, identity cards, and historical travel information among other customer information.

Closer to home, WestJet Airlines is another airline that has recently reported attempted cyber attacks. In January 2018, just days after taking up his new job at the airline, Director of Cyber Security, Devon Simbert, was already getting calls from the Operations Manager about a denial of service attack.

Josh Wheeler, senior director at Satcom Direct (S.D.), an aviation cyber security services provider, says there’s even a new trend where networks of advanced black-hat hackers join forces to execute sophisticated attacks, especially on VIPs.

“The perpetrators are a group of hackers working in closed networks that continually target aviation,” says Wheeler. “This determined, networked approach is incredibly difficult to guard against.”

Industry Players Must Invest More in Cyber Security Solutions

Owing to these threats, airlines and other aviation industry players have been working overtime to secure their investments and customers better. According to technology company SITA, 89% of airlines CEOs are planning significant investment in cybersecurity, up from 71% in 2017. The figure is even higher for airports, where at least 95% of CEOs are planning significant cybersecurity investment.

SITA’s report shows that aviation’s investment in cybersecurity has been increasing steadily and reached $3.9 billion in 2018. It also shows that airlines spent 9% of overall I.T. budget on cybersecurity in 2018, up 2% from 2017. Airports, meanwhile, spent 12% of their I.T. budgets on cybersecurity in the same period, up from 10% in 2017.

This is the way to go. Hackers are well-funded. It’s estimated that the hacking industry is currently worth at least $1.5 trillion, around half the value of aviation ($2.7 trillion according to IATA). Some of the hackers are even backed by state nations and wealthy individuals.

If the aviation industry is to come out on top in this cybersecurity battle, the industry must spend more on security technologies; especially technologies that stop hackers in their tracks. Real-time threat monitoring technologies such as the one that Satcom Direct offers are going to continue to be in higher demand as this threat doesn’t seem to be slowing down. These types of threat Monitoring Module that allows you to monitor and react to suspicious network behavior can be a good start in staying ahead of this inevitable threat.

Back to Learning Center