Airport Cyber Security

Dror Liwer blog

Airport cyber security is crucial for safeguarding our personal data and even our lives. Alarmingly, the aviation industry has struggled to meet basic security standards when it comes to protecting its cyber systems from attack. In 2020, Swiss researchers identified “massive cybersecurity risks” at 97 of the world’s top 100 airports. In fact, only three of the world’s airports – in Amsterdam, Dublin, and Helsinki — achieved an A+ rating, with no security vulnerabilities detected.

Common Airport Cyber Security Problems

Cybersecurity in airports is often poorly rated, with one in four airports having received an “F” grade for issues like:

  • Using outdated software with known and exploitable vulnerabilities in WordPress or jQuery systems.
  • Failing to use Secure Sockets Layer (SSL) encryption between servers and clients.
  • Running old, now-obsolete versions of encryption software such as SSLv3.
  • Failing to secure mobile apps, fix known vulnerabilities, and encrypt outgoing data.
  • Losing highly confidential data like financial records and passenger ID information to the Dark Web.
  • Storing sensitive data on unprotected public clouds.
  • Falling short of the EU’s General Data Protection Regulation (GDPR) compliance standards.
  • Failing to comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements.

What Must Be Done to Improve Data Security in Airports

All of the aforementioned issues must be corrected to tighten airport security. At minimum, data security in airports should include a continuous security monitoring system with anomaly detection to identify phishing attempts, password reuse attacks, and all other intrusions as they occur.

A holistic approach is necessary to maintain visibility of digital assets and attack surfaces. Today’s digital infrastructure is intricate and intertwined across multiple parties and platforms. The small percentage of truly secure airports are conducting in-depth audits of all vendors and third-party suppliers to ensure they are equipped to mitigate complex risks.

All personnel must be trained and educated in security matters, particularly how the email and apps they use at work can potentially compromise security.

Are You Looking for Greater Security Measures?

Organizations such as Coronet are working with international airports to provide top-level support and tools that satisfy short and long-term cybersecurity needs. We borrow from robust security standards provided by the National Institute of Standards and Technology (NIST), as well as the International Organization for Standardization (ISO) and the Civil Aviation Organisation (ICAO).

Our founders have amassed over 25 years of experience in technology, seeking to overcome the expense and operational demands of running multiple security systems. We are committed to developing and implementing cybersecurity solutions that are equipped to deal with modern challenges and the threats of tomorrow. Contact us for more information. We operate globally.