Shipping and supply vessel giant, Maersk, endured almost half a billion dollars in losses back in 2017 when their systems were infected by the NotPetya sabotageware. However, Maersk was not the target of the cyber-attack; so, how could this problem affect the aviation industry? Yes, the Maersk attack impacted the company, not its aircraft, but security researcher, Chris Kubecka, recently reported cybersecurity risks in aviation extend to planes in the air. Supporting Kubecka’s findings was Atlantic Council’s recent report on the current state of aviation cybersecurity, and our experienced crew at the aircraft dispatching school go into detail on how addressing aviation cybersecurity in the industry is imperative.
Bringing Cybersecurity in Aviation to the Forefront
According to a recent report from the Atlantic Council on aviation cybersecurity, e-Enabled aircraft are “flying data centers that continually travel around the globe with connected safety-critical systems, multiple connections over wired and wireless bearers, and multiple service suppliers both while on the ground and while airborne.”  Unfortunately, though, many industry professionals have a poor understanding of how to protect themselves and passengers from a potential cybersecurity risk. Not being equipped with technical expertise to mitigate such risks and enough financial or regulatory incentives, the aviation industry is looking at an unstable future.
The aviation industry managed to get ahead of security to earn efficiency gains to be had from rapid digitization. However, the aviation professionals are looking over their shoulders realizing it’s only a matter of time before a security issue comes back at full-force, with repercussions ranging from disruption of land-based systems to malware attacks on aircraft. An imminent cyber-attack on the aviation industry must be addressed and held at the same standard as air safety.
Safety vs. Security
Flying continues to be the safest way to travel, a result of the consistent efforts to develop air safety. Whistleblowing culture has also been rewarded and incentivized where a low-ranking mechanic or another airline employee can throw a red flag to stop an aircraft from taking off if they notice potential safety risks.
By contrast, the Atlantic Council reported how an employee addressing aviation cybersecurity vulnerabilities is met with shame and finger-pointing. The report further emphasizes the problem, stating “across much of the cybersecurity landscape, there arguably remains a stigma about discussing cybersecurity vulnerabilities and challenges that go beyond managing sensitive vulnerabilities. The aviation sector must actively work to improve and mature the current culture.”  The report further underlines the need for more education on aviation cybersecurity threats, and uses the Maersk cyber attack as an example of what can happen if the matter of aviation cybersecurity continues to be ignored.
As aviation technologies continue to become more advanced, it’s more important than ever to be educated on aviation cybersecurity to help future employers mitigate security risks. If you’d like to learn more about cybersecurity to excel in your aviation career, contact a member of our crew at 954-581-6022 today!
 Atlantic Council – Aviation Cybersecurity