A new report by PA Consulting Group claims that airports are ill-equipped to deal with major cyberattacks. The Overcome the Silent Threat report says that the emergence of a hyper-connected model – where passengers in airports want fast internet and digital engagement with airlines and retailers – is increasing hacking opportunities for cyber criminals.
According to the European Aviation Safety Agency, there are around 1,000 cyberattacks each month on airport and aviation systems worldwide. Research for the report found airports are at a high risk of cyberattack due to an increasing use of technologies and digital infrastructure in day-to-day operations, new data sharing obligations and greater connectivity across staff and passenger devices within airports.
A number of airports are exploring the option of providing remote control and monitoring for air traffic control systems and on the airfield. As remote towers are highly dependent on the data links that transmit information from one place to another, a cyberattack or physical attack could disrupt operations, including making it impossible to manage airport traffic.
David Oliver, global transport security lead at PA Consulting Group, said, “Fundamentally, the focus on physical security needs to be applied with the same rigor in the cyber arena if airports are going to build resilience to potentially catastrophic cyberattacks.
“If the industry does not act now, it will find itself at increased vulnerability to cyberattacks as new technologies become part of everyday operations.”
“With the EU Network and Information Systems Directive – which aims to improve the cyber resilience of the UK’s essential services – now in force, UK airports risk penalties of up to £17M (US$22.9m) for failing to put in place appropriate cybersecurity measures.”
The report is based on analysis and interviews with four major international airports.