As we develop new technology every day in aviation, cyber attacks become more prevalent and cause quite a concern for everyone. I will go over the 3 best layers to battle against cyber attacks in relation to aviation.
1. Intelligence: TSA is constantly gathering intelligence before anyone even boards the plane. They get as much information about each individual to see if they are a known terrorist or on the "do not fly list". They also protect those individuals who are not a known terrorist, or on the "do not fly list" information that they do gather, so others cannot harm them with identity theft or other malicious attacks. TSA also uses the help of other agencies such as the FBI, CIA, and other security agencies in helping gather and disseminate intelligence information. "A good example of TSA airport coordination involved dissemination of information by TSA to airports concerning the threat of portable anti-aircraft missiles. Following a terrorist attempt to down a civilian aircraft over Mombasa, Kenya, in 2002, US officials began a concerted effort to educate local law enforcement and security officials about these weapons." (https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/vol50no3/airport_security_5.htm) The main issue with gathering intelligence in relation to cyber attacks is hacking. This is harder to do since there are multiple agencies involved in gathering intelligence, so if one is hacked, the other agencies being hacked is not likely.
2. Crew Vetting: Crew vetting is very important in battling cyber attacks because a lot of aviation technology is not in a Network Infrastructure. This means that if you hire an employee who knows the technology and can manipulate them however they choose this can cause catastrophic damage. "Airports often use integrated systems and local engineers to install, monitor or service these industrial systems, such as BHSs and many others. These systems are not always owned by the airport itself, but third parties, like airlines and suppliers, are responsible for those. Those organizations might have different interests, especially when it comes to cybersecurity." (Bert Williamson pg. 240) As we can see not only do we need to take the necessary precautions in hiring crew, but also the suppliers of aviation technology.
3. Checked Baggage: Our machines continue to advance in there ability to scan for items inside baggage that would cause a threat to the airport and airplane. The main issue that I see is as they advance so does the integration of each machine which causes it to be more vulnerable. To battle this there should be both the integrated system and an individual/private system to compare with each other if there is a difference between the two. Also an area of security in regards to the BHS ( baggage handling system), that often gets forgotten about with cyber attacks is the hold baggage area. "The hold baggage is a ‘forgotten’ area for cybersecurity. Airports tend to extend and build on existing equipment and therefore old PLCs and industrial (digital) equipment designed with an operational focus are still in use and often connected to newly installed machines." (Bert Williamson pg. 244) We can mitigate this by using the same procedures used for checked baggage.
All in all for all three of these layers we need to Audit these technologies. "Regular IT assessments and vulnerability scans throughout the supply chain are helpful to keep the airport’s extended IT infrastructure up-to-date, but actual penetration testing with advanced techniques will provide the airport organization the needed insight on whether it is actually in control of its IT security (including third parties) or have been shutting their eyes to the real (ever changing) dangers out there while adding ticks to checklists."( Bert Williamson pg. 243) By doing this we have the best chances in beating cyber attacks.
References/Sources
Extending the airport boundary: Connecting physical security and cybersecurity by Bert Williamson
Benjamine,
ReplyDeleteNice post for this weeks discussion. There are numerous factors that play a role in keeping airports safe from potential terror attacks. Crew vetting is very important; this applies to all airline employees and airport employees. It is not unheard of to have an act of terror completed because that individual had inside connections somewhere. The vetting process is incredibly important to ensure that nefarious individuals are not granted access to sensitive areas on the airport.
Felicia