Civil aviation is mainly reliant on cyber-enabled technology that is used to increase the safety and efficiency of air transport.
However, as the aviation industry becomes increasingly digitalized, the interconnectivity of systems and dependence on technology has led to the emergence of new risks.
The aviation industry is now using a computer-based interconnected system spanning across air navigation systems, onboard aircraft control and communication systems, airport ground systems, flight information systems, security screening and many other technologies that are used on a daily basis and for all aviation-related operations.
Cybersecurity professionals believe some of the major cyber threats to the aviation industry include the downing of an airplane. This can occur several ways such as doing damage to vital systems, or disrupting information and changing data that could cause pilots to make wrong decisions. Cyber criminals could also disrupt information that would cause a false representation that would force the pilots to land the aircraft.
There’s also the fear of bad actors disabling an entire airport. Besides the economic impact, taking control of an airport system will surely cause “public trust“ damage.
Additionally, there’s much concern over the industry’s Automatic Dependent Surveillance Broadcast (ADS-B) system, a modern, preferred surveillance technology in which an aircraft determines its position via satellite navigation and periodically broadcasts it, enabling it to be tracked by air traffic controllers — as well as cyber criminals.
The Defense Department is particularly worried over the known cybersecurity risks of what has become a mandatory aircraft tracking system.
Want to learn more? Tonex offers Aviation Cybersecurity Airworthiness Certification, a 3-day course that introduces participants to the aviation industry’s best practices cybersecurity risk assessment, analysis, development, mitigation and assurance.
Additionally, Tonex offers nearly three dozen more courses in Cybersecurity Foundation. This includes cutting edge courses like:
—Cybersecurity Fundamentals (2 days)
—Electric Grid Cybersecurity Master Certification (4 weeks)
—Network Security Training (2 days)
—Software Security Training (2 days)
—ICS Cybersecurity Training (4 days)
For more information, questions, comments, contact us.