Aviation

Published on Friday, 01 February 2019 09:00

CyberSense is a monthly bulletin by CSA that spotlights salient cybersecurity topics, trends and technologies, based on curated articles and commentaries. CSA provides periodic updates to these bulletins when there are new developments.


OVERVIEW

Can an aeroplane be hacked? Cybersecurity companies are showing that there are vulnerabilities that can be exploited. IOActive, a Seattle-based cybersecurity firm, released a report in December 2016 claiming that the Panasonic Avionics in-flight entertainment system was hackable and that credit card information could be accessed. Panasonic Avionics has refuted the claims. Prior to that, the founder of another info-security company, One World Labs, had claimed he could commandeer a plane through its in-flight entertainment service. United Airlines has since banned him from ever flying with them.
The aviation sector has also been a cyber-battleground when geopolitical tensions rise. Two of Vietnam’s largest airports and the website of Vietnam Airlines suffered from cyber-attacks, shortly after the United Nations’ Permanent Court of Arbitration ruled against China’s claims to the South China Sea in July 2016. Security experts also reported that state-linked Chinese threat actor groups have been targeting the aviation industry for years, by attacking aviation firms to steal data and intellectual property to advance national interests. In the Middle East, a new variant of Shamoon malware, likely launched by Iranian state-sponsored actors, was part of a series of attacks against the Saudi aviation regulator.


Awareness of these threats and action to mitigate cyber risks are taking off. Airlines and government aviation agencies have adopted more cybersecurity measures to try to plug the vulnerabilities. United Airlines, for instance, launched a “bug bounty” programme where hackers could report flaws in a computer system in exchange for flyer miles. A top advisory group to the US Federal Aviation Administration also issued a recommendation that all future aviation standards incorporate cybersecurity. In Europe, the European Centre for Cybersecurity in Aviation (ECCSA) will also be established to provide open source intelligence and facilitate information sharing on cybersecurity issues within the European aviation sector. In Singapore, the Civil Aviation Authority of Singapore (CAAS), as the Aviation Sector Lead for cybersecurity, recognises the severity of cyber threats facing the aviation industry and regularly holds exercises and issues advisories to its partners as part of its effort to counter the cyber threats in the sector.

REPORTS

CYBERSECURITY FIRM CLAIMS AIRPLANES CAN BE HACKED VIA IN-FLIGHT ENTERTAINMENT SYSTEMS

IOActive, a Seattle-based cybersecurity company, said it has found security vulnerabilities within the Panasonic Avionics entertainment system used by 13 major airlines, including Emirates, Virgin and Qatar Airways. IOActive said that hackers could inject malicious code into the in-flight system, change the display, hijack announcements and access credit card details of frequent flyer passengers. Panasonic has, however, strongly rebutted those claims.

Before IOActive’s claims, in April 2015, Chris Roberts, founder of cybersecurity company One World Labs, had also said that he could control a United Airlines plane by hacking the in-flight entertainment system aboard the aircraft.



CHINESE HACKERS TARGET AVIATION INDUSTRY TO SPY AND STEAL SECRETS

State-linked Chinese groups are the main threat actors targeting the aviation sector, according to security company FireEye. Since 2004, 20 out of 27 active threat actor groups targeting the aviation sector were based in China, and the majority of attacks conducted by these groups were successful.

The report highlights the motivations of the Chinese threat actors as well as their tactics, techniques and procedures (TTPs). These groups have been known to steal intellectual property from aviation firms to make their domestic aviation industry more competitive. In terms of their TTPs, spear-phishing is a common tactic, and air traffic control and booking systems are most frequently targeted.



HACKING VIETNAM’S AVIATION SECTOR WITH SOUTH CHINA SEA MESSAGES

On 29 July 2016, hackers attacked Vietnam Airlines and flight information screens at Vietnam’s airports in Hanoi and Ho Chi Minh City. Flight information screens displayed politically-motivated messages while Vietnamese airports had to resort to manual check-ins.

The cyberattacks, reportedly by the Chinese, were considered an act of protest because the United Nations Permanent Court of Arbitration’s verdict had ruled against China’s claims to the South China Sea, a decision which favoured the Philippines and by extension, Vietnam. The cyber-attacks on the airport and airlines reflected how geopolitical tensions could have an impact on critical infrastructure through the cyber realm.



SHAMOON MALWARE TARGETS SAUDI AVIATION REGULATOR

The Shamoon malware resurfaced in late 2016 after more than four years of relative quiet. In 2012, the Shamoon malware, best known for its disk-wiping component, had cleaned out more than 30,000 computers in Saudi Aramco, a national petroleum and natural gas company.

The new variant, Shamoon 2, now targets Saudi Arabian government agencies, including the Saudi aviation regulator, the General Authority of Civil Aviation. The Saudi aviation authority claimed that hackers leveraged Shamoon in a “planned” campaign to wipe out critical data, which brought operations there to a halt for several days in December 2016. The new Shamoon attacks are believed to have been launched by the same Iranian state-sponsored hackers who were responsible for the attacks in 2012.



UNITED AIRLINES’ BUG BOUNTY PROGRAMME

Bug bounty programmes are a standard practice in the technology industry, but in May 2015, US carrier United Airlines became the first airline to offer one. As part of the bug bounty challenge, hackers try to bring to light as-yet unknown weaknesses in United’s corporate computer systems (website and apps). In turn, they receive frequent flyer miles. In 2016, the winner of United’s bug bounty challenge was a 19-year-old security researcher from the Netherlands, who used his prize of a million flyer miles to attend a hacker conference in Las Vegas.

The launch of United Airlines’ bug bounty programme was seen as a response to claims by Mr Chris Roberts, CEO of info-security company One World Labs, that he managed to take control of a United aircraft in 2015.



EUROPE ESTABLISHES A EUROPEAN CENTRE FOR CYBER SECURITY IN AVIATION (ECCSA)

The European Aviation Safety Agency (EASA) and the Computer Emergency Response Team (CERT-EU) of the EU Institutions recently signed a Memorandum of Cooperation to establish a European Centre for Cybersecurity in Aviation (ECCSA). The ECCSA will provide its members with open source intelligence from aviation-related sources and, on demand, operational means to face cybersecurity threats. Members of the European aviation sector can join the ECCSA on a voluntary basis. The ECCSA will also facilitate information exchange between the EASA and the CERT-EU and will launch a public website covering cybersecurity news and ECCSA’s initiatives.



SOURCES INCLUDE: Newsweek, Zero Day Net, Reuters, Dark Reading, European Commission, and International Business Times