sd confirms significant rise in frequency of cybersecurity threats to business aviation
May 21, 2019
Ahead of EBACE 2019 Satcom Direct (SD), the business aviation solutions provider, notes a year-on-year increase of attempted cybersecurity attacks on business aviation aircraft subscribed to the multi-layered SD Threat Monitoring service. Eighty-one percent of the nearly 600 subscribed aircraft have experienced a cyber event that has been thwarted by the SD service.
In addition, the seriousness of the attempted hacks has amplified, with a 54% increase in critical and high-level threats from the same period last year. A critical threat represents activity that can affect default installations of widely deployed software resulting in the compromise of servers and devices, as well as leaving the “door open” for other hackers. Trojans, viruses and operating system vulnerabilities all fall into the critical category. A high level represents a threat from web browser exploitation or malware, which can be elevated to a critical status. This type of threat can potentially cause serious long-term damages to corporate networks.
In particular, SD has identified a trend that shows an increase in attacks from advanced persistent threat groups such as the well-known Fancy Bear, as well as sophisticated hackers, which are often commissioned by nation states or criminal organizations to specifically target VIPs. Josh Wheeler, senior director of cybersecurity at SD says, “These perpetrators making particularly damaging threats invariably involve a group of black-hat hackers working in a closed network that continuously attack aircraft. This determined, networked approach is harder to mitigate, but our sophisticated threat monitoring approach combines technology with human intervention to effectively detect, block, and prevent threats.”
The SD Threat Monitoring module, accessible through the SD Pro® dashboard, constantly monitors all inbound and outbound threats from aircraft subscribed to the 24/7 monitoring service. Delivering a real-time, centralized in-flight view of the cabin network, it makes aircraft data activity visible to flight departments and the SD cybersecurity experts. Abnormal network behavior is highlighted using a variety of threat analysis and prevention solutions, as well as human expertise. Potential threats, attacks, and intrusions are blocked before they reach the digital devices or aircraft. If a compromised device is identified in flight, threats can be blocked before they propagate to other passengers or “call home” to the malicious actor. Operating in real-time, the system alerts users, identifies causes, and provides remedial steps. The systems works for all level of threats from low through to critical.
“As the digitization of aviation trend continues, aircraft are becoming operating systems in themselves so mitigating data risk is imperative,” adds Wheeler, “Regardless of whether you are on the ground or in the air, if you can see the internet, then the internet – and the hackers – are most definitely able to see you. Altitude does not make you safe and we are encouraging existing and new customers to be prepared,” adds Wheeler.