View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Cyber Risks Rise at Airports

Report comes amid 1000 cyber attacks on airports each month

By Shrina Gohil

A new report from PA Consulting Group in London shared with Computer Business Review warns that a more “unified” technological passenger airport experience is posing greater cyber risks for airports.

The European Aviation Safety Agency has reported over 1000 cyber-attacks each month on aviation systems and suggested the number is most likely to increase with advancing digitalisation passenger engagement.

The “Overcome the Silent Threat” report by the consultancy claims that “advancing technology such as smart boarding gates and biometric immigration controls” may “expose airports to new risks and unknown threats”.

The reports authors called for a “single point of accountability” for cybersecurity at airports: “Organisations should nominate a board member to be responsible for cybersecurity”, they urged, adding that while vendors and integrators are getting better at providing product security, organisations still need to prioritise cybersecurity as a tender assessment factor.

The report also identified other weak points such the replacement of humans with digital instructions, meaning the pilot potentially cannot recognise if instructions such as false clearance messages are suspicious, causing more opportunity for cyber-terrorism.

As airports are an interesting target for criminal and terrorist organisations with previous occasions of hijacking, protestors and terminal shootings happening around the globe, the report explains cyber resilience is another key factor that C-level airport leaders must continuously govern to prevent dangerous incidents.

IT/OT Towers

Traditionally IT systems have been isolated from OT systems, the report notes, but with airports increasingly realising that integrating the two can bring efficiencies including realtime data gathering, processing and decision-making.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

The ability to constantly monitor a system’s health, track operational processes, receive instantaneous information and exchange data with IT systems opens a whole new world of opportunities to improve airport operations, the report notes, but also broadens the threat vector for attackers.

In another report, PA Consulting Group researched and assessed four major international airports and found three key spaces in the aviation industry that must be researched further to avoid costly disruption and potentially, worse:

  • Information security has to be given the same attention as physical and personnel security to build strategical cyber security resilience
  • Operational technologies such as bagging handling equipment are just as significant as IT systems when analysing how disruption can be prevented to airport passengers, operations and other international airports
  • Aviation is far-off other industries on cyber security and must find material from sources such as the energy sector to learn more information

As there is no uniform model to manage airport cyber security, the research explains practical steps to overcome these difficulties. One of the main features includes adopting a life-cycle approach to information security as it ensures security standards are governed in all procurements such as design and use.

Moreover, other factors involve confirming cyber security stakeholders are identified and managed in the airport, aligning cyber security with physical and personnel security and establishing a strong cyber security culture in the airport itself will mean counteracting cyber risks overtime.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU