Cyber terrorism is 'biggest threat to aircraft'

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.telegraph.co.uk/finance/newsbysector/transport/10526620/Cyber-terrorism-is-biggest-threat-to-aircraft.html


Nervous fliers may worry more about terrorists smuggling explosives into
the cabin, but cyber attacks are becoming one of the most significant
threats to passenger aircraft, a senior Boeing executive has claimed.

Jeff Kohler, vice president of international business development for
Boeing’s defence arm, admitted to being “very concerned” about threats to
flying software and said aircraft were now in need of cyber protection.

Planes are at risk every time they enter an airport because of the number
of electronic systems they begin sharing information with and the situation
will cause “a lot of issues” in the coming years, he added.

Boeing was the focus of a cyber security scare in 2008 when an analyst
claimed the firm’s flagship 787 Dreamliner passenger jet had a serious
weakness in its on-board computer networks which could allow passengers to
take control of the aircraft.

A report by US authorities found that a network in the cabin designed to
give passengers Internet access could be used to access the aircraft’s
control, navigation and communication systems. Boeing claimed the problem
had been fixed before the official report was issued.

In 2011, the International Air Transport Association warned airlines to
“remain on their guard” against cyber terrorism which it said poses
“especially serious challenges for airlines that will be taking delivery of
the new generation of aircraft”.

The scenario from the film Die Hard 2, where an aircraft’s system is
tricked into thinking it is flying 200 metres higher than it really is,
causing it to crash land, is “no longer merely a fictional scenario”, the
IATA warned at the time.

Earlier this year MPs also warned that cyber attacks could "fatally
compromise" the armed forces because the government has not done enough to
protect its technology against high-tech warfare.

Speaking at a security conference in Istanbul this month Mr Kohler and five
other senior defence company representatives were asked about the biggest
threats to be faced in the next 10 years.

In footage broadcast by Nato Review, Mr Kohler said: “I don’t think we
still understand critical infrastructure protection and how cyber can
affect that.

“From our commercial aircraft side we’re very concerned about it. As
commercial aeroplanes become more and more digital and electronic, we have
actually started to put cyber protection into the software of our
aeroplanes.

“If they enter an airport environment, they are starting to exchange
information and so we have to be able to protect the aircraft’s software
itself, so there’s a lot of issues coming down the road just on cyber
alone.”

Martin Hill, vice president of defence, EU and Nato affairs for electronic
systems company Thales, added: “Every single item that we have depends on
cyber.

“All of our critical infrastructure is controlled by some sort of network.
This has to be the area where we’re going to face problems and where we’ve
got to spend a fortune.”

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.