Europe fails to curb cyber attacks on Aviation Industry


Europe has failed to curb cyber attacks on Airline operators, Aircraft manufacturers and authorities related to the aviation industry. And that’s due to the poor understanding of the threat severity by officials related to the government of EU and substantial differences within the industry.

However, the good news is that officials and private sector are somehow trying to calibrate sophistication with the right level of cooperation to mitigate risks associated with cyber attacks.

“Cyber attacks and Cyber Security is a rapidly developing issue”, said Dirk Polloczek, President of the European Cockpit Association. Mr. Polloczek added that the government and authorities should come forward to line-up certain standards which help isolate the entire aviation industry from the dreaded menace of cyber threats.

Unlike Europe, Aviation officials in United States have created an Aviation Information Sharing and Analysis Center (A-ISAC) in September 2014. Airlines, Boeing and Intelligence agencies such as the National Security Agency, FBI and CIA are all part of this group. They help in exchanging sensitive information about incidents and vulnerabilities in a secure trust network.
When the nation of Europe is taken into account, only Airbus and Lufthansa have become the voices of the association. No, other agency or airlines is coming forward to take over the burden.

In February 2016, the European Aviation Safety Agency (EASA) took the initiative to establish a European Centre for Cyber Security in Aviation (ECCSA). EASA invited many airlines manufacturers and operators to become a part of this program which helps in distributing the benefits of intelligence sharing of cyber attacks on a proportionate note. The agency also became operational to face these threats.

But lack of coordination in between the operators, manufacturers and the officials of EACA made them work in isolation most of the time. And as a result the implementation of the project received a setback. Moreover, companies remained wary of EU’s role in dealing with cyber attacks. Thus, exchange of information was hampered due to the lack of US mindset which made the security culture face a tough time.

Analysts agree that the main vulnerabilities to aviation are acknowledged with on the ground networks associated to the planes which U/L or D/L info related to flights. As these systems are less secure than those installed on aircraft, an alternative to tackle this issue in a smart and sophisticated way is still due.

Although, the International Air Transport Association (IATA) has developed a 3 pillar strategy to understand, define and assess the threats and risks associated with cyber attacks, EU laws do not offer the appropriate support to the regulation and mechanism for increased cooperation throughout the industry.

So, what do you suggest on this issue and how do you think the severity of the situation can be brought under control?

You can share your views through the comments section below.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display