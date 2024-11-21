Cybersecurity attacks and data breaches have touched all parts of the aviation industry for the past several decades. Notable incidents include the Cathay Pacific breach which affected more than 9 million passengers’ personal information and the 2021 SITA breach of frequent flyer members, primarily Star Alliance and OneWorld members. The Los Angeles airport website was the victim of a DDoS attack that took its website offline for several hours.

“The reality is stark: our aviation industry is under constant threat from cyberattacks, up 74% since 2020. With the aviation sector contributing more than 5% of our GDP, USD 1.9 trillion in total economic activity, and supporting 11 million jobs, we have to wake up and take these aviation cyber threats seriously,” said U.S. Senator Maria Cantwell at a September 18, 2024, Congressional Hearing.

Overall, the aviation industry currently receives a B grade, according to The Cyber Risk Landscape of the Global Aviation Industry, 2024 report. Researchers found that the organizations that were ranked at a B were 2.9 times more likely to be victims of data breaches than those with an A rating, illustrating the big impact of seemingly small differences. Ransomware attacks remain a top threat, with recent research by Bridewell finding that 55% of civil aviation cyber decision-makers have admitted to being on the receiving end of a ransomware attack in the past 12 months. When asked about the impact, 38% reported operational disruption and 41% said that their organization lost data.

Ted Theisen, a Managing Director in FTI Consulting’s Cybersecurity practice, said that the prolific use of legacy equipment and systems in the aviation industry lacks the features needed to protect them, such as installing critical updates and compatibility with new protocols. Because the aviation industry often outsources services to third parties, the vendors can access systems and networks, thus introducing vulnerabilities.

“The distributed workforce and distributed systems create an expanded attack surface that increase access points that can be exploited by threat actors,” says Theisen. “This dispersed setup makes it challenging to secure systems, monitor for cybersecurity threats and mitigate unauthorized access.”