New research from PA Consulting Group has found that airports are ill-equipped to deal with a major cyberattack. Overcome the Silent Threat says that the emergence of the hyper-connected airport model, with customers’ desire for fast internet and digital engagement with airlines and retailers, leaving more opportunity for hackers.
According to the European Aviation Safety Agency, airports and aviation systems worldwide currently suffer from around 1,000 cyberattacks each month. The risk to airports is only increasing as the use of digital infrastructure increases in day to day operations, says the report.
“Fundamentally, the focus on physical security needs to be applied with the same rigour in the cyber arena if airports are going to build resilience to potentially catastrophic cyberattacks,” said David Oliver, Global Transport Security Lead at PA Consulting Group. “If the industry does not act now, it will find itself at increased vulnerability to cyberattacks as new technologies become part of everyday operations.”
The report identifies the growing trend for airports to use remote control and monitoring for air traffic control systems as a key area where airports could be attacked. The data links upon which these remote towers are so dependant could be susceptible to attack, making it impossible to manage airport traffic.
David Oliver added: “With the EU Network and Information Systems Directive, which aims to improve the cyber resilience of the UK’s essential services, now in force, UK airports risk penalties of up to £17 million for failing to put in place appropriate cyber security measures.”