Locks and Security News: your weekly locks and security industry newsletter
4th December 2024 Issue no. 732
Your industry news - first
We strongly recommend viewing Locks and Security News full size in your web browser. Click our masthead above to visit our website version.
Cybersecurity in aviation – head in the clouds?
The Aviation Industry has expanded exponentially in the last few decades.
Air travel is an integral part of the professional and privates lives of the global population. Inevitably, with such large growth, the Industrial advancements bring a plethora of cybersecurity requirements.
Sustainability and security are this year’s key focuses within the industry, and with good reason. The 3-day long 2023 Paris Airshow boasts ‘developments in the global aerospace and defence industry, including new orders and partnerships for a safe and united world’ as cyber-attacks against the industry have increased.
Recently we have seen a surge of attacks like the one against British Airways (BA), only last month (June 2023), in which Clop ransomware group targeted the organisation with a malicious MOVEit file transfer software.
But how are threat groups able to interrupt and impact global organisations, with significant financial backing, within the industry? Well, within the sector, the use of multiple interconnected systems has shown a shift from what was once a ticket and payment card process, to an end-to-end digital air travel journey. The moment a ticket is booked, passports are screened, payment information is interrogated, the extensive airport security process uses technology that once seemed like science-fiction. Right up to a cockpit, systems are completely interconnected. But have these meteoric advancements within the industry outrun the security of the technology it uses? This leads us to the current void of cybersecurity in Aviation, concerning the following three element:
Third-party vendors are often used to provide critical infrastructure, services, and software to aviation companies, comprising elements of the industry such as flight planning, maintenance, digital infrastructure and solutions, and navigation systems, to name a few. Any compromise of these vendors can have severe consequences, including disruptions to air traffic, loss of sensitive data, and potential safety risks.
These can also have a rippling effect, with one supply chain compromise impacting multiple businesses and customers at a time.
The 2019 data breach of Cathay Pacific, a Hong Kong-based airline, illustrates this. In this attack, malicious actors gained access to the airline's systems through a third-party vendor and stole sensitive information, including passport and credit card numbers from millions of passengers. This can then be used to develop large scale phishing campaigns, conduct identity fraud, and pivot to further attacks on individuals, not to mention the regulatory impact this had on the airline.
The industry must take proactive measures to address cybersecurity third-party risks and supply chain attacks, and guard against becoming reactive to these threats. This means implementing strict security protocols, conducting regular audits of third-party vendors, and ensuring that all aviation systems and related infrastructure are hardened and secure from potential attacks.
It is important for all operations in the aviation industry, and third parties, to have in place the right combination of security measures. Endpoint Protection, Vulnerability Management as a Service, and Threat and Risk Intelligence are crucial elements that all airports need, to safeguard against the latest cyber risks targeting the industry.
A MSSP can help alleviate cyber security issues within aviation by providing the necessary expertise to bridge the knowledge gap, assist with regulatory compliance, and streamline data management across the organization, ultimately improving overall cybersecurity posture.
Cybersecurity Managers, Incident Responders, and Analysts provide a best-class service. SecurityHQ’s CSMs and Analysts are highly certified, coming from infrastructure, network, and development backgrounds, and can cover every area of an extensive technology stack. With 24/7/365 Global SOCs, incident response around the clock is provided, meaning you are never without protection from malicious actors.
About SecurityHQ
Global MSSP with world-class Security Operation Centers (SOC’s) located around the world, to manage, detect and defend against all malicious activity. Powered by real-time log analytics, security orchestration, automation & response tooling for investigation, threat hunting and response, the company’s 300+ analysts are available to detect, monitor & respond to cyber threats around the clock, to address security risks and challenges, and improve security posture. By combining dedicated security experts, cutting-edge technology and processes, clients receive an enterprise-grade experience that ensures all IT virtual assets, cloud, and traditional infrastructures, are protected.
For more information visit www.securityhq.com | LinkedIn | Facebook | Twitter
Authors: Tim Chambers, Senior Cyber Security Manager, SecurityHQ, and Eleanor Barlow, Content Manager, SecurityHQ
26th July 2023