TechGuard Blog

Cybersecurity BEYOND the Troposphere

Technology, much like the industrial revolution, has changed the fundamentals of how humans exist in the world. In 1712, the first example of a steam engine was invented by Thomas Newcomen. Though it wasn’t very useful, it started the revolution. It then took 191 years for Orville and Wilbur Wright to take flight over a North Carolina beach in an engine they invented, and that flight only lasted twelve seconds. 191 years seems like a long time at a glance, but in the grand scheme of things, I would say that’s a pretty good job by the human species. However, the advances made in technology as we know it today have occurred at such a rapid pace it’s almost inconceivable.

There could be a healthy debate on when exactly computers made their way into the cockpit of an airliner. For the sake of argument, I’m going to use 1982, when what’s known as a “Glass Cockpit” was introduced. That’s when an instrument malfunction was no longer a mechanical error but a computer error. It only took 79 years to go from a twelve-second flight to a fully automated airliner, and there’s simply not enough time in the day to talk about the advancements made from 1982 until now.

The rapid pace of advancement in these technologies comes with its own set of difficulties. The aviation industry is now using a wide computer-based interconnected system, spanning from air navigation systems, onboard aircraft control and communication systems, airport ground systems, flight information systems, security screening, and many others that are used daily and for all aviation-related operations. At this point, a plane is nothing more than a computer that has two wings and a means of propulsion. And if there’s one thing we know, it’s that computers can fail with little rhyme or reason.

There have been news stories in the past of passengers claiming that they hacked the inflight entertainment and then made their way to hacking the flight controls. It’s damaging and anything but helpful because it simply isn’t true. There are still people involved in flying a plane, and the human element keeps it safe. The pilots have spent years learning how to manage and mitigate risk to safely operate and fly these planes. The risk of a cyberattack is much more likely to occur within the airport and the facilities that the airline bases its business.

For aviation companies, the risk of having a cyberattack would hurt the trust they’ve built with the public. After September 11th, the public had a real fear of flying and its physical security. So, what did companies do? They increased physical security before entering the terminals, they cracked down the size of water bottles allowed on flights, among numerous other precautions, and slowly but surely, the trust was rebuilt.

Why wait for a cyberattack to happen? Why risk that trust with the public? Especially now, coming off a year-long pandemic that put so many airlines and aviation companies to rest permanently. As an outsider looking in, the aviation world has a huge PR crisis on its hands with how they’ve handled the post-pandemic travel rules. If there were a breach in cybersecurity leading to leaks of customers' personal information, I’m not so sure their trust would be restored easily.

Aviation cybersecurity doesn’t start and end with the airline operators either. There’s a massive supply chain involved with the building and maintenance of a plane as well. (If you’re curious about how supply chains can be affected by a cyberattack, check out our other blog here.) Regular penetration testing, vulnerability testing, and incident response planning are all very simple ways to protect not only your link in the aviation supply chain but also the links before you and after you. Aviation is an important feature in this world. It connects us with people around the world in ways Orville and Wilbur could never have imagined on their twelve-second flight. Let’s all agree to take the proper precautions and protect aviation.

Written by Kevin Urbeck