Dive Brief:
- The aviation industry is facing significant threats to its ability to maintain cyber resilience and must address key issues ranging from aging technology, outdated software and growing risks from sophisticated threat actors, according to a report released Thursday from the Foundation for Defense of Democracies.
- The report calls on the Federal Aviation Administration to conduct a comprehensive modernization of the nation’s air traffic control system with a strong focus on cyber resilience.
- The Transportation Security Administration, working with the FAA and Cybersecurity and Infrastructure Security Agency, should conduct comprehensive cyber vulnerability and risk assessments on major hub airports used for civilian and military purposes, according to the report.
Dive Insight:
The report acknowledges that government agencies and the private sector have taken steps to address several cybersecurity deficiencies, but commercial airlines are running at full capacity and the stresses on the system are outpacing the nation’s ability to keep up with the growing threat.
“We are pushing decades-old aviation systems to handle high-demand travel 24/7, and the cracks are showing,” Jiwon Ma, senior policy analyst at FDD’s Center on Cyber and Policy Innovation, said via email. “Even without a cyberattack, outdated technologies and fragile logistics can lead to massive disruptions, like we saw with Southwest in 2022 and the CrowdStrike incident last year.”
The TSA in 2023 took several steps to enhance aviation security as part of the Biden administration’s national cybersecurity strategy.
The FAA declined to comment on specific strategies used to combat cyber threats, but a spokesperson defended the agency’s record.
“The agency has a comprehensive approach to protect the National Airspace System from cybersecurity threats,” the FAA spokesperson said via email. “We work closely with intelligence and security experts throughout the federal government and private sector to identify and mitigate potential risks to our systems.”
The report comes at a time of growing threats to critical supply chains and sophisticated attacks targeting the aviation sector.
- Delta Air Lines was forced to cancel thousands of flights in July 2024 when a faulty software update at CrowdStrike caused about 8.5 million Microsoft Windows computers to fail. The airline filed a $500 million lawsuit against CrowdStrike seeking damages.
- The Port of Seattle was disrupted by a multiday attack in August 2024 linked to Rhysida ransomware. The attack impacted ticketing, check-in and other services at the Seattle Tacoma International Airport. Earlier this month, the Port sent out 90,000 breach disclosure letters to workers, contractors and others whose data was stolen in the attack.
- Boeing was targeted in 2023 by LockBit, which demanded a $200 million ransom demand and leaked the data. A separate 2022 attack targeted Jeppesen, a Boeing unit that provides flight navigation and operational planning tools.
