Airports have always been highly targeted by malicious nation-state actors because they can result in high-profile disruption, causalities and damage a country’s reputation. In 2019, a grave new risk has reared its head – airport cyber attack.
Modern airports are completely on emergent technologies such as the Internet of things (IoT), cloud and integrated systems for efficient, uninterrupted management of the logistical challenges. All of this interconnected technology also leads to an unwieldy multitude of new vulnerabilities and potential exploits that make airport cyber attack a very real risk today. The heat is on C-level airport executives around the world who are responsible for strengthening their security posture to prevent airport cyber attack. This article will highlight some of the most menacing airport cyber attack risks and challenges.
Airport Cyber Attack Risks
- Increased number of attacks: According to a study by the European Aviation Security Agency (EASA), there is an average of 1,000 airport cyber attacks per month. The Cathay Pacific breach was one of the biggest security breaches of 2018 and resulted in a data breach of more than 9.4 million records.
- Ubiquitous technology & hyper-connectivity: Airports have experienced a swift adoption of new technologies such as data link technologies for voice communication, electronic tags for baggage handling, remote check-in, smart boarding gates, new applications for self-service etc. These all create new vulnerabilities and airport cyber attack risks. Airports around the world moved towards centralized architecture to meet the need for information sharing and providing services to different parties in an efficient way. This means physical assets, such as scanners and monitors, are connected to airport systems and hackers can gain easy access to internal systems through physical assets.
- IT/OT systems are insecure by designs: Traditionally, IT systems have been isolated from OT systems and were primarily built to ensure availability, rather than to be secure. In addition, there are other concerns, including IT security systems that don’t work for OT systems and organizational confusion about who owns OT security. There are numerous OT assets such as luggage carousels, TIBCO Enterprise Service Bus (ESB), Live Datamart business rules engines, Inductive Automation’s Ignition SCADA and many more which need to be protected. Therefore, it is a big challenge for CISOs to ensure end-to-end security across a wide network of siloed legacy systems.
- The multitude of stakeholders and regulations: Transportation is a global industry, with so many integrated systems and stakeholders, which also include other parties’ systems. With regulations and systems becoming more and more complex, it is an uphill task for security leaders to keep up to speed with appropriate security measures.
How to Prevent Airport Cyber Attack:
- Invest in tools for building robust security: Airports need to invest in the right set of analytics tools with built-in artificial intelligence and machine learning that allows them to detect and respond to alerts in real-time while reducing costs.
- SCADA/ICS security solution: With thousands of assets at risk, it is imperative to have a tool that can help security leaders with unprecedented OT asset discovery and visibility. The security tool should not only be capable of detecting known vulnerability exploits (CVEs), but also undocumented zero-day attacks and operational risks.
- Executive support and more security budget: Executive leadership should understand the challenges of preventing airport cyber attacks. Building a strong cybersecurity ecosystem should be on the airport’s agenda for every quarterly meeting, if not monthly. Security leaders should be given sufficient budgets for securing their ecosystem, otherwise, the repercussions of severe airport cyber attack can be quite appalling.
- Establish security monitoring and incident response capability: Effective management of an incidence is imperative for airports, especially after a delay of 7 months by Cathay Pacific created an unnecessary panic in customers. The kind of platform that has big data capabilities, provide insights to analysts in a real-time and accelerate mean time to respond.
- Ensure cyber-security stakeholders are identified and managed: One of the biggest challenges in airport ecosystems is identifying the stakeholders. There is always a dilemma who owns OT security and IT security. This needs to be resolved and each stakeholder should be assigned proper roles and responsibilities. Apart from that, airports should regularly interact with external stakeholders or parties. They should also have a strong cybersecurity ecosystem and examine them on a regular basis if they are following best security practices.
Mitigate Airport Cyber Attack Risk with Cyberbit SCADAShield
Cyberbit provides one of the first unified, analytics-driven product suite for advanced, multi-vector threat detection, incident response and simulated training, across IT and OT systems. Cyberbit SCADAShield is the world-leading OT security platform, chosen by critical infrastructure organizations worldwide like airports, energy refineries, manufacturing sector and many more to protect ICS/SCADA networks, electric grids, transportation networks, manufacturing lines, smart buildings and data centers. SCADAShield provides unprecedented OT asset discovery and visibility, detects known OT threats, unknown OT threats, and anomalies, as well as deviations from operational restrictions, by using 7-layer deep packet inspection (DPI).
Listen to FREE webcast:
OT Security Starts with Visibility with Mr. Cecil Pineda, former CISO of Dallas Fort Worth International Airport and now CISO at Cyber Watch Systems
Vaibhav Singhal is Marketing Manager for APAC at Cyberbit.