Aside from physical threats such as bombings and hijacking, airlines and airports are also at an increasing risk of cyber attacks, causing the EU’s aviation safety agency to call for a unified strategy with dealing with such high-tech threats.
There have been several instances in the US, Turkey, Spain, Sweden, and Poland where aircraft’s computer systems were breached or infected by malware, causing flight delays, loss of information, and concern among passengers, regulators, and industry players.
There are fears that someday, terrorists might be able to crash a plane even from behind a computer screen.
“We have to be prepared always for the worst,” said Luc Tytgat, director of strategy and safety management at the European Aviation Safety Agency (EASA), an EU agency. He also revealed that aviation systems face an average of 1,000 cyber attacks each month.
“We have to take it seriously… We do not have much time,” he insisted at an event in Brussels, where he urged all members and partners of EASA to develop a common strategy or protocol in dealing with the cyber risks that threaten the aviation industry.
As the aviation industry has virtually no borders, having a common strategy to combat cyber threats is a top priority, especially in the US and Europe, homes of the world’s top plane makers.
According to Brian Moran, Boeing’s vice-president of government Affairs for Europe, trans-Atlantic cooperation is “absolutely essential” and that there is “great willingness to cooperate” from both sides of the pond.
At the European level, the response will take shape at EASA’s cybersecurity center, the Aviation Computer Emergency Response Team (AV-CERT). The center will help understand the nature of threats, collect data regarding previous attacks, identify vulnerabilities, and analyze and develop responses to threats.
These efforts in Europe are in line with recommendations by the high-level advisory committee established in June 2015 by the Federal Aviation Administration (FAA) in the US. The committee aims to identify risk areas and reach an agreement on international design and testing standards to react to and mitigate cyber attacks.
According to the International Air Transport Association (IATA), while airlines and airports have systems in place to deal with cyber attacks, “they haven’t always taken a holistic approach to the IT environment or considered the broader threat to the aviation system.”
“The next 9/11 will be caused by computer hackers infiltrating aircraft controls, not suicide bombers”, warned Dr. Gabi Siboni, director of the Cyber Security Program at Israel’s Institute for National Security Studies, in a conference earlier this year.
Security firm warns of heightened cyber attacks as Olympics approach
Hiscox named as Turkey terror attack lead insurer
Aviation to face growing cyber risks