Airlines step up efforts to tackle cyber security
risks
BY VICTORIA BRYAN
The aviation industry is stepping up
efforts
to enlist coordinated international
support in the battle against the threats
posed to airlines and passengers by
hackers and those seeking to exploit IT
systems
The security of commercial airlines and
whether the systems crucial to fly
planes are vulnerable to cyber attacks
hit the headlines in April after a
security
researcher claimed that he had been
able to hack into flight controls via his
under seat entertainment unit.
Along with Wi-Fi and electronics on
board, airlines, airports and air traffic
management companies are sharing
more information than ever before to
make flying more efficient and deal with
increasing numbers of passengers.
But that provides more interfaces that
can be exploited by attackers, aviation
industry representatives said at the
AVSEC World aviation security conference
in Dublin on Monday. Those seeking
to do mischief also know that
attacking an airline will guarantee
maximum
impact, they said.
As part of initiatives to shore up the
industry's
defenses, a team has been put
together by leading aviation industry
associations
to work on a declaration on
cyber security to put to members of the
United Nations' aviation safety arm next
year.
One of the issues being looked at, for
example, is the security of the ADS-B
system on aircraft, which sends
information
on a plane's position. The data
is unencrypted, which could make it
susceptible to outside interference.
"Protecting our industry from cyber
threats is hard, probably one of the
hardest things we are facing because
we do not know what we are facing or
for what we have to prepare," said
Jeff
Poole, director general of the Civil Air
Navigation Services Organization
(CANSO), highlighting the swiftness
with which the threat is changing.
UNITED NATIONS
Poole is part of the team coming up with
recommendations that will be presented
to the International Civil Aviation
Organization
(ICAO) next September, when
the U.N. body holds its regular triennial
meeting.
It will then be up to ICAO member
states whether to sign the declaration or
not, though this would not impose any
mandatory standards.
Jim Marriott, the ICAO's deputy director
aviation security and facilitation,
said that signing a declaration would be
a statement from member states that
they are taking the issue seriously.
States are also free to take action at a
national level before then, he said.
"We can only go so far ourselves as
an
industry. States have an important role
to play," Poole said.
Aircraft manufacturers can also do their
bit, said Tony Tyler, director general of
the International Air Transport
Association
(IATA), particularly as they often
have experience in the military sector.
Boeing's director for aviation security,
James Vasatka, told the conference that
his company hires hackers to test the
systems and software it puts on its
planes.
"They (the hackers) are absolutely
stunned at the quality we put in our
software
and products. It would be very difficult
in today's environment to disrupt
that for the flight-critical
systems," he
said.
No comments:
Post a Comment