COMMENTARY. Over the last three years, the global aviation industry has been left reeling by a post-pandemic sucker punch that hit the sector with over $185 billion in losses. Once a bastion of American prosperity, airlines were forced into survival mode, cutting staff from their workforce and flights from their schedules.

The North Star of success in aviation continues to be the safety of passengers, systems, and the data they house. The cybersecurity of airlines and manufacturers has opened a new domain of safety crucial for the continuity of flight systems, servers, and communication equipment. Security has become an integral component of an economic powerhouse that has contributed to American transportation, trade, and commerce for over 100 years.

To ensure the security of the industry for the next century, protecting critical infrastructure from increasingly complex and frequent cyberattacks should be the No. 1 priority for large organizations across the US. The new litmus test for investors and insurers will be how prepared airlines and manufacturers are for the potentially debilitating consequences of a cyberattack.

The Rising Tide of Accountability

Of all cyberattacks against the aviation industry in 2021, 55% resulted in financial loss, and over one-third resulted in the leaking or theft of personal data. Ransomware responses continue to evolve as regulations tighten. In light of this, regulatory bodies and lawmakers have sounded the alarm, placing a spotlight on securing systems and networks against rising threats.

In March 2023, the Transportation Security Administration issued an "Emergency amendment" to airports and aircraft operators' security programs. The amendment mandates TSA-regulated entities develop implementation plans to improve their cybersecurity resilience, aiming to prevent disruption and degradation to their infrastructure.
At the same time, the US government's new National Cybersecurity Strategy this year has reinforced the necessity of defending critical infrastructure by shifting responsibility from individuals to large organizations. This coordinated governmental strategy has, in part, been a response to the abundance of attacks against targets in the aviation sector. Canadian low-cost airline SunWing faced four days of flight delays last year after third-party software systems breached the check-in process. Indian carrier SpiceJet was also hit by a ransomware attack that left hundreds stranded at airports nationwide, showing that these events are occurring in all corners of the world.

The International Air Transportation Association is the foremost authority of global aviation best practice. They made the responsibility of civil aviation cybersecurity clear, stating that "People, processes, and technology" are the three main components dependent upon each other to create a unified cyber strategy.

Traditional General Data Protection Regulation approaches to assessing and reducing cyber-risk have simply become obsolete. If pilots navigated planes only using their knowledge of flight controls, this would not prepare them for the demands of neutralizing an engine failure at 30,000 feet. The next generation of cybersecurity is now taking this concept and applying it to the defense of critical assets in the aviation industry.

One Small Step for Tech, One Giant Leap for Cybersecurity

Cyber-ranges are the government-grade flight simulators of cybersecurity. By battle-testing defenses in real-world conditions, airlines' IT and OT environments can experience the equivalent of three years' worth of attacks in just 24 hours. Many airlines use data collection and storage software seen in most industries, making lateral movement through networks relatively straightforward.
Decision-makers in the halls of aviation titans around the country are now deciding how to implement precautions to secure these systems and bolster their company's investment strategy for the next stage of growth. Prioritizing government-grade cybersecurity can help them refine their incident response plans, train employees, and comply with the latest groundswell of regulation. By implementing a "Train to failure" mindset, companies can test their defenses against phishing, DDoS attacks and data-breach techniques that contribute to around two-thirds of all cyber threats in the industry today.

If an aviation organization loses less than 1% of its customers as a result of a data breach, millions of dollars in revenue could be lost. Carriers and manufacturers need the data and insight into their IT and OT environments to see what is working, and what isn't. By implementing a proactive approach to cybersecurity, effective mitigation of threats can be achieved, reducing the dwell time of attackers. By removing the "Unknown unknowns" of cyber threats, businesses can achieve the maximum levels of protection needed to keep their company safe.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 30 Nov 2023 20:25:01 +0000