Rawpixel.com - Fotolia

Most airports not protected from cyber threats

The chairman of the Israel Airports Authority paints a dismal picture of the state of cyber security in aviation, and offers advice on what can be done to avert the next disaster

This article can also be found in the Premium Editorial Download: CW ANZ: CW ANZ: Fix the weak links

At Israel’s Ben Gurion Airport in Tel Aviv, about 40% of airport workers are security personnel who work tirelessly around the clock to protect the country’s main international airport from terrorist attacks.

The heightened focus on airport security started well over 40 years ago, after Israeli forces had freed hostages from a hijacked aircraft in a major attack, according to Eliezer Marum, chairman of the Israel Airports Authority.

Today, the airport is equipped with sophisticated physical security systems and intelligent security units to fend off growing threats that have also become increasingly cyber in nature.

“We must assume that the threat is imminent,” said Marum at CyberTech Asia 2018 in Singapore, noting that there are sophisticated, trained terrorists who are plotting attacks against airports, including interconnected airport IT systems, to hit the news headlines.

Adding to the challenge is the reality that unlike military systems, IT systems at airports cannot be isolated from the internet as passengers and airport employees depend on them to facilitate travel and airport operations, said Marum, a retired vice-admiral and former commander of the Israeli Navy.

As more airport operators such as Singapore’s Changi Airport Group start to offer fully automated passenger experiences, Marum said the impact of a cyber attack will be even more severe, to the extent of paralysing entire terminals.

Despite the risks, Marum said most aviation regulations only address physical security, not cyber security. “There’s almost nothing on cyber, apart from some guidelines here and there,” he said. “If I paralyse your screening systems to allow bad things to pass, your airport will be exposed to big physical security threats.”

Most airports vulnerable to cyber attacks

Speaking from his experience and without revealing loopholes in airport IT systems for security reasons, Marum said most of the world’s airports are vulnerable to cyber attacks. “They have many physical security people, but they’re not protected in cyber,” he said.

To address this, Marum said the Israel Airports Authority is considering establishing and leading a cyber association of airport operators to draft new security standards for airports.

Meanwhile, Marum offered some advice on securing airport IT and aviation systems. He said airports must recognise potential threats, integrate physical and cyber security, as well as adopt security measures like a hurdle race – that is, to place more obstacles in the way of threat actors who are more likely to give up after repeated failures to compromise a system.

Read more about cyber security in APAC

  • Cyber criminals will ramp up efforts to mine cryptocurrencies, while mobile malware will rear its ugly head across the APAC region in 2018.
  • The computer networks of two universities in Singapore were breached in April 2017 by hackers looking to steal information related to government or research.
  • The Australian Broadcasting Corporation is the latest organisation to fall prey to misconfigured Amazon S3 storage buckets, exposing database backups and sensitive data such as login credentials.
  • Cyber resilience remains low across Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows.

International cooperation is also key, so that threat intelligence can be shared between airport operators and intelligence agencies to avert the next major terrorist attack, which Marum said is likely to be bigger than the 9-11 attack on the US. “You will not see the enemy, who will be sitting somewhere in an air-conditioned room ready to attack and surprise you,” he said.

According to a recent survey, nearly 70% of cyber security leaders in the Asia-Pacific region believe a major attack affecting critical infrastructure across multiple countries will happen in the next two years.

However, the respondents were not confident of their ability to deal with looming threats. More than half of them said the lack of funds and security staff had hampered their ability to fight threats.

Read more on Hackers and cybercrime prevention