The International Civil Aviation Organization (ICAO) announced on January 10 that a declaration strengthening global aviation security and cybersecurity measures was adopted at ICAO Security Week 2024 in Muscat, Oman, in December.
Some 31 ministers and high-level officials endorsed the Muscat Declaration, which urges countries to strengthen efforts against both traditional and emerging threats, including insider threats and cyberattacks. It calls for aviation security and cybersecurity to receive the same high priority and support as other aspects of civil aviation operations, while emphasizing the need for risk-based and outcome-focused policies to guide the development of sustainable security measures.
Information sharing
“We cannot stand still,” stated ICAO Council president Salvatore Sciacchitano, who said innovation was needed to counter both new and existing threats.
The Declaration places particular emphasis on information sharing for threat assessment and prevention, the development of qualified security professionals, and the implementation of ICAO’s Aviation Cybersecurity Strategy. It also advocates for countries to ratify the Beijing Convention and Protocol of 2010 as crucial instruments for deterring and responding to attacks against civil aviation.
Regional cooperation
Additionally, the Muscat Declaration calls for enhanced regional cooperation through programs such as the Comprehensive Regional Implementation Plan for Aviation Security and Facilitation in Africa and the Cooperative Aviation Security Program for the Middle East. These initiatives support ICAO’s “No Country Left Behind” goal by providing targeted assistance and capacity-building to regions in need.
The declaration will guide preparatory work for the 42nd ICAO Assembly in 2025, driving the review of consolidated policies on Aviation Security and strengthening resolutions on cybersecurity.
“This declaration ensures that this meeting will be seen as a significant milestone in our aviation security journey,” said ICAO secretary general Juan Carlos Salazar in his closing address to the Ministerial Segment at ICAO Security Week, which was for the first time held outside ICAO headquarters.
Data security incident
News of the Muscat Declaration comes as ICAO is actively investigating an information security incident allegedly linked to a threat actor known for targeting international organizations.
ICAO has confirmed that the reported information security incident involves approximately 42,000 recruitment application data records from April 2016 to July 2024 claimed to be released by the threat actor known as Natohub.
Global Aviation Security Plan
In addition to the Muscat Declaration, ICAO Security Week 2024 also unveiled the second edition of ICAO’s Global Aviation Security Plan, which sets an ambitious target for member states to reach or surpass 75% effective implementation of aviation security standards by 2033.
The European Union Aviation Safety Agency cited cybersecurity as an increasing concern in February 2024. Read more about it here.