Cyber Threats to the Aviation Industry – Front and Back

SchipholTower300A long time ago I was so fascinated by how one air traffic control system could handle all the planes for three New York Area airports simultaneously, long before there was the internet or even multi user  computers, that I wrote a paper on it for part of my post grad degree program. Recently the SenseCy blog has called out some highlights from the AIAA official release of ” A Framework for Aviation Cyber Security” which discussed the connectivity challenge in a networked world..

With the enormous number of computers involved today in air traffic control, airport and ground control, as well as on-board control, the concerns about cyber security in this special industry have expanded dramatically. Perhaps because air travel is the primary method of international travel, plus the fact that other transportation systems don’t fall out of the sky when they fail, more attention needs to be paid to aviation than rail, ship or car travel (not that these others aren’t susceptible to attacks too).

Since the development of drones and their much wider deployment in recent conflicts, AirplaneCockpit300even Joe Public knows you can take control of planes from the right computers. This has also been portrayed in movies and TV shows. My concern is that all the attention seems to be paid to protecting these “front end access” systems. But what if malicious code has infected the back end systems or embedded code, for example? Infections that may lie dormant for a long time but then cause a lot of problems. A virus made its way into the International Space Station via a simple USB drive some astronaut brought aboard – so this is not just a theoretical discussion.

I hope and trust that some more attention will be paid to making back-end and embedded systems more tamper-proof before I next leave for the airport.

(C) Copyright 2014 White Hawk Software

Ensure Your Space Programs are Tamper-Proof too!

Picture of International Space Station that itself was infected with a virus. Photo thanks to Wiki Commons

Renowned Russian virus and security expert Eugene Kaspersky revealed recently that a virus had even been discovered on board the  International Space Station – despite them being a million miles from the nearest internet node. Turns out some space astronaut accidentally took along the virus on a USB “thumb” drive for use on one of the many laptops deployed in the space station. See full story from the International Business Times.

The big motto of this story is that you don’t have to be attached to the internet to be infected. So don’t wait to run virus checkers and hope for the best. Mission critical software should all be tamper-proof so that no malware can hook in and cause any damage whatsoever.

(C) Copyright 2013 White Hawk Software