Air transport sector faces daily barrage of attacks from cybercriminals


Airlines and airports face multiple cyberattacks every day and are “more of a target” for cyber criminals than many other businesses, according to a leading cybersecurity expert.

While new technology and growing digitalization provide opportunities for air transport providers to improve the passenger experience, they can also increase their vulnerability to attacks.

“Since air transport processes a great deal of personal information on passengers and also is aligned with the safety of those same passengers, there is an elevated risk of attack within this sector,” Nick Percoco, chief information security officer at Chicago-based data analytics firm Uptake, tells Runway Girl Network.

“Airports and airlines have two distinct threat actor groups to worry about: cyber criminals and cyber terrorists. Most organizations only have one to defend against.”


Percoco, who founded ‘ethical hacking’ group I Am The Cavalry and has advised the US Secret Service and Department of Homeland Security on cybersecurity issues, says that attacks can range from those aimed at discovering how airport and airline systems work to “more aggressive and blatant phishing and social engineering attempts to gain direct access to systems”.

While the most common motivation for attackers is to gain access to “lucrative” personal information and payment data, Percoco warns that a desire to cause “safety problems” can be another, more sinister, motivating factor.

Critical vulnerabilities in airline and airport IT systems must be “proactively identified and fixed” before they are discovered by attackers, says Percoco. However, he adds: “Like many industries, the adoption of new technology to delight customers and make their travel experience more enjoyable often leads the way while the security implications of the technology’s use lag behind.”

Munich Airport in Germany appears to be taking the threat of cybercrime seriously. The airport recently announced the opening of a new Information Security Hub, which it says will act as a center for IT specialists from the airport’s operating company, FMG, to work with experts from across the European aviation industry to “develop strategies for defending against cyberattacks and new approaches to the fight against cybercrime”.

The airport says it is the target of “all kinds of cyberattacks every single day”.

Marc Lindike, head of information security assurance at FMG, tells Runway Girl Network that these daily attacks include “around a hundred thousand port scans [where attackers probe a server or host for open ports that might be vulnerable], phishing mails or other ‘shotgun approaches”.

“It is like running around to check if a door or window is not locked properly, or has a weak lock. Until now they have been detected and blocked by our multi-layered protection successfully,” says Lindike.

While the attacks experienced by Munich Airport could cause “severe inconvenience and confusion” if successful, such as “displaying something funny on our public screens”, Lindike is dismissive of anything more serious getting through.

“The safety- and security-relevant systems have a lot of fallback layers. So inconvenience: Yes. Real dangers to life or something like that: No,” he says.

But thwarting these attacks will become increasingly difficult as processes become more digitalized.

“The further we move ahead with digitalization and the more functions are performed and networked by computers, the more potential points of attack they will present to global cyber criminals – and the more serious the potential consequences of targeted attacks will become,” says FMG chief financial officer and director of infrastructure Thomas Weyer.

The Information Security Hub contains four training rooms and IT labs, a control room and an ampitheater for presentations and briefings. The equipment will enable those who use it to simulate an attack and learn how to block it.

The Information Security Hub in Munich. Image: Stephan Goerlich / FMG

As well as training its own staff, Munich Airport is offering other airports and airlines the chance to use its new cybersecurity center to teach their employees to detect and prevent cyberattacks.

“Joining forces with our colleagues in the industry will allow us to share efforts and experiences for common tasks, increasing efficiency and quality in parallel,” says Lindike.

“The growing network of trust will also support quick and effective countermeasures in case of a ‘real’ attack on one or more of us.”

Related Articles: