by If the flight safety strike, incorrect drones and climate protesters were not sufficient to fight with the aviation industry, the aerospace industry has a new antagonist that threatens to bring things to a standstill: hacker.
This week it turned out that the secret group “scattered spiders”, the M&S and co-op attack, aims at the aviation industry.
Charles Carmakal, a manager in Google’s Cybersecurity unit, said that his company is “several incidents in the airline and in the transport sector that are aware of the company [of] Scattered spider. “
Sam Rubin of Palo Alto Networks said that his company “confused that the scale (also known as a scattered spider) aimed at the aviation industry”.
While neither Rubin nor Carmacal specified which airlines were targeted, Hawaiian Airlines and Westjet recently suffered cyber attacks. Westjet said that the incident “had some services and software systems” including its app, but no airline had suffered an operational disorder due to the violation.
The problem is not isolated in North America. On Monday, June 30th, Qantas suffered a big cyber attack, which reports that the personal data of up to six million customers affected.
A spokesman for the British Civil Aviation Authority (CAA) told The Telegraph: “We are aware of the rumored activities. We are in contact with the National Cyber Security Center and warned our industry contacts against this group and the techniques they use.”
One of the things that the CAA would have communicated to its industry contacts is that the attack, if they aimed at an industry, is usually persistent and relentless for a period of time. If the aviation is in line next, how could a hack play and what can you do to protect your vacation?
Worrying potential
There are a few different options for the hackers. It would be one to aim at the airlines’ corporate infrastructure. In 2018, 380,000 British Airways customers had their credit card data stolen in a major data violation. According to Alex Cruz, the former CEO of the airline, the bookings made in a two -week window were infiltrated in a “very sophisticated, malicious criminal attack”. The airline was later occupied for the security violation with a fine of £ 20 million.
A second scenario is that soil systems could be targeted. In 2015, the Flag carrier -Olos canceled 10 flights in Poland after Hacker had infiltrated the computer systems, spending the airport from Warsaw’s Chopin airport. But the scale could be much larger than this. In 2023, the system of the US Air Affairs Administration (Notam) (Notam) suffered a three-hour failure.
The result was that all flights in the USA were grounded for the first time since September 11th and 11,000 aircraft all over the country got into asphalt. Although this was a hardware problem, not a malignant hack, it underlines the potential effects of a sudden meltdown.
The third and perhaps most worrying scenario is that infiltrated during the flight systems. At the beginning of this year, several planes that came ashore at the Ronald Reagan National Airport in Washington DC received false collision warnings with medium air, although there were no other aircraft in the region.
The pilots who received the warnings separated the autopilot and climbed quickly. It is not known whether this was caused by the deliberate, malignant “parody” of flight systems or whether this was due to an error or another cause. Regardless of this, it is an example of how hackers may be able to enter the cockpit in the future and insert pilots into compromised scenarios.
The Qantas data injury this week suggests that Hacker is already targeting airline databases. In view of the type of earlier top -class, highly effective attacks by Spider scenarios, two or three should not be excluded.
“Hacking groups live from attention, and when families start to attack and blackmail an airline during their summer vacation, it is irresistible,” says Matt Saunders from Adaptavist, technical advice that works with large airlines.
“The good news is that a potential hacking attempt for passengers should not cause any security problems, since all security-critical IT systems already have a manual security option that maintains the highest security standards in the event of undesirable intervention,” he added.
How to chop your vacation chop -tight
There are steps that we can take as a passenger to protect ourselves from cyber attacks. Payment of your vacation with a credit card is preferable. If someone does not make authorized payments on your card, you will be protected by the consumer credit law, which means that the process of reimbursing your lost agents is easier.
The regular change of the password for your online account with the website or app of an airline also helps to protect it from the increasing issue of Air-Mile theft. As always, avoid tickets for public Wi-Fi networks that may not be encrypted and possibly endanger your data.
When it comes to larger hacking incidents, we can only rely on the strength of flight safety systems – which are strong according to all reports. In 2024 alone, the aviation industry spent USD 37 billion (27 billion GBP) for IT systems and airports, which have spent $ 9 billion (6.5 billion GBP). Around half of the airlines and three quarters of the airports are located to protect data and improve IT systems.
“Defense against these risks requires more than a perimeter control sie, continuous training of the workforce, no principles of trust that phical-resistant multi-factor authentication and the review of identity that cannot be socially constructed,” emphasizes Jordan Avnaim of Identity Company.
The latest cyber attacks on Hawaiian, Westjet and Qantas had no influence on flight operations, which should give us hope. The fact that the shelves were empty for six weeks in some M&S shops and their online orders were exposed to the sum of 300 million GBP is shown why airports, airlines and passengers should remain alert.
