How commercial airports can be a target for cyber attacks

by Marco Salvo  |  April 11, 2019  |  CYBER INTELLIGENCE INITIATIVE

Commercial airports are very important in society, considering how thousands of people fly all over the world each day. These airports are responsible for collecting, managing, and securing customer data, as well as managing data that is critical to airport infrastructure. According to a U.S. Homeland Security Presidential Directive, aviation and airports are known to be a critical infrastructure and key resource sector.

Commercial airports also use many different types of technology, networks, and computer systems to make their processes work efficiently. Many commercial airports use IoT (Internet of Things) technology, which is a network of internet-connected objects able to connect to one another and transfer or exchange data. This form of technology and networks may have highly sensitive data, which potential hackers might see as valuable. The data shared between these networks can include personal identifiable information from customers who use a certain airline to fly to his or her destination. The hacked information can be from a credit card number that was used to purchase a flight to social security numbers.

Denial of Service (DDoS) attacks have been quite common in airports.  The objective of these attacks is to temporarily or permanently disrupt network services. DDoS attacks also have the ability to affect critical information systems and networks which can have a serious impact on an airport’s system availability.

The communication systems that are used by airlines in a commercial airport may also be a potential target for a hacker. In a hypothetical situation, jamming the communication systems of an airline could have detrimental effects to airport security, considering the large amount of casualties that could occur if there ever was a miscommunication, or confusion, between air traffic controllers.

Malicious software or malware attacks also pose a cyber threat to airports because of their ability to hinder smart devices, including passenger and staff portable devices. Additionally, these softwares are able to infect servers and other smart components, which can impair an airport’s data acquisition or supervisory control systems.

Phishing attacks also represent a danger to airports. These attacks target individuals who are not familiar with cyber security awareness. They can trick employees of an airline to download a software update, thereby entering their username and password. This process would allow the hacker to infiltrate and fully access accounts or critical security data, all while being untraceable.

Current cyber security defense systems are geared to ward off phishing attempts and include filtering capabilities. However, even with this capability, phishing attacks still get through and can start a process leading to severe damage.

Commercial airports can become a target by many different parties, including other commercial competitors, non-state actors, lone wolf hackers or vandals, and even foreign states. Commercial competitors are motivated by obtaining damaging or confidential information in order to gain commercial intelligence from private and public companies. Non-state actors, lone wolf hackers, or vandals can be motivated into committing a cyber-attack on airports to raise awareness of their group’s political mission, to obtain critical data and sell it for a profit, or just to cause chaos.

A cyber-attack conducted by a foreign state is the most dangerous, considering that foreign states normally have greater resources and higher capabilities compared to these other parties that could conduct cyber-attacks on commercial airports. A foreign state could conduct an attack to increase intelligence, gain military, political, or strategic insight, or, in a worst-case scenario, cause severe casualties.

With this said, commercial airports are vital to homeland security, considering how critical airports are to public infrastructure. Commercial airports require a vast number of cyber security protocols and methods in order to protect them from harm, because a large cyber-attack on a number of commercial airports in the United States could have severe impact on the nation as a whole.