Introduction
The 21st century has witnessed major advancements in the world of technology. This rapid evolution in technology has influenced the aviation industry significantly. But, every boon has its bane. These advancements are also making the aviation industry prone to cyber-attacks. The Aviation Industry is a wide range of industries like airlines, airports, tech providers, etc. These have become prime targets for cybercriminals. The attacks have been widespread as well as targetted.
The aviation sector has been in immense economic downfall since the pandemic began. Research scientists at KPMG stated that the aviation sector suffered a gigantic loss of $252 billion in 2020. However, this did not stop the cybercriminals from targetting this industry. Surprisingly, there has been an increase in the number of cyber-attacks, and they have become even more chaotic.
Why the airline industry?
The airline industry is an attractive target for cybercriminals. The industry has access to the most sensitive information. They have access to passport information and sensitive payment data. The nature of payments in the aviation sector is time-sensitive and high value. The attackers have hence realized that they could extract this payment data for high-value credit cards and use it for online frauds. Or, use ransomware or DDoS attacks to extort the airline.
We have put together a list of such attacks on the aviation industry over the last 5 years. These attacks have caused chaos and huge losses.
Top cyber attacks in the Aviation industry
Here’s a list of the topmost severe cyber-attacks in the aviation industry that caused major financial and data losses:
- EasyJet: In May 2020, EasyJet did a press release that stated that the British Carrier had been compromised by cybercriminals. They had fallen prey to one of the most sophisticated attacks and the data of 9 million customers had been compromised. The attack had happened 4 months earlier, i.e. January 2020, but EasyJet only revealed it until May. They received a major backlash for this and are up against a class-action lawsuit that is seeking 18 billion pounds in damages. People were angry that the airline carrier kept this information from them for four months. The airline carrier however claimed that the hackers gained access to only email addresses and travel information and that the passport information was not penetrated. The lawsuit has been joined by over ten thousand customers from over 50 countries. This lawsuit caused the airline carrier major distress as it came around during the pandemic, a time when the aviation industry was the worst hit.
- Cathay Pacific: The Cathay Pacific data breach took place in 2018. It is one of the most severe data breaches in the airline industry. 9.4 million accounts were breached and the stolen data included credit card information, passport information, phone numbers, etc. This attack was the direct result of negligence by the airline carrier to keep their data secure. The IT team of the airline detected some suspicious activity in March 2018 during an ongoing IT operation. The airline did not shed much light on how exactly the attack happened but they stated that they detected malware that was used to access the data. It was a full-scale attack on their servers. The attacks continued intensely till May 2020. The information commissioner’s office stated that they found a series of errors during their investigation of this incident. The airline did not have password protection for its backup files, the internet-facing servers were not patched and the carrier systems were running on OS that was out-of-date. However, in September 2018, Cathay Pacific rolled out multi-factor authentication(MFA) across its userbase to counter the attacks in the future.
- SITA: This is one of the most recent cyberattacks in the aviation industry. SITA is an IT and telecommunications service provider to the airline industry. It provides services to around 90% of the airline business as per its claims. The SITA breach happened in February 2021 where over 2 million records were breached. The breach was a data security incident that involved certain passenger data stored in their servers that operated passenger processing systems for airlines. The airlines that were affected by this hit included Singapore Airlines, Finnair, Cathay Pacific, United, Air New Zealand, etc. The attackers managed to penetrate into their servers and access their Passenger Service System(PSS), which handled processes from ticket booking to boarding. Most of the victims were members of various flying programs. Thus, the stolen data included program card numbers, names, etc. SITA however claimed that sensitive data like email addresses and passwords were not compromised.
- British Airways: The British Airways breach is another major cyber attack incident that took place in 2018. This attack took place in the latter half of the year and over 400,000 customers and staff data were compromised. The Information Commissioner’s Office(ICO), during their investigation, found out that the airline was ignorant about adequate security measures while processing significant personal data. The attack was a javascript library attack using a malicious code called Magecart. The stolen data included payment card details, addresses, names, etc. The ICO office found out that the attack could have been avoided easily if the airline had taken security measures by identifying weaknesses in their system. The ICO later fined the airlines for failing to protect the financial and personal data of over 400,000 customers. The fine was about 20 million pounds.
- Air Canada: Air Canada breach occurred in August 2018, wherein data of about 20000 Air Canada customers was compromised. This attack targetted the Air Canada mobile application, and it was perceived that information like phone numbers, email addresses, passport details, address, gender data, flyer program data, etc., was compromised. The airline company, however, claimed that no payment information was stolen. As soon as the breach was detected, the airline locked the accounts of all its customers. This was done until they changed their passwords. The airline sent out emails to its customers assuring that their passwords were not at risk and that they were working with leading industry experts to improve their technology and security.
Closing thoughts
Nowadays, Airlines are rushing into more sophisticated technology. They want to provide their customers with the best user experience. This is great for customer satisfaction, but it comes with a lot of security risks. A cyber attack could result in financial loss and damage the reputation of the airline. Hence, it is required by the airlines to adopt security measures and be on the safer side.
We hope you loved the blog. If you did, please share and comment your thoughts below. Keep Learning!