Inflight internet was the ubiquitous gift of the digital age. The engineers and equipment manufacturers in some cases were so focused on connectivity that security often had to take a backseat. The result was weakness in the system's ability to withstand a cyber-attack. Whether an aircraft owner is a private individual or a large corporation, it is clear that everyone needs to consider data security in their flight operations. Most airborne IT security concerns fall into three main areas: service provider security, physical security, and your individual software and hardware policies. While this initial discussion is a 50,000 foot view of airborne data security, the following articles in this series will delve deeper into the particulars.
Service providers are the gatekeepers of your traffic in many circumstances, whether you are using Inmarsat Satcom, 3G, or GoGo. They are responsible for making sure that the data sent and received is not intercepted in a manner that is usable by others for nefarious purposes. They are also responsible for defending their data centers against service interruptions by potential man-made or natural disasters.
Physical IT security is also very important. Many intelligence operations involve theft or tampering with portable electronic devices. These can be laptops or cell phones. These sorts of attacks are more common than most would like to admit and often lead to individuals being personally compromised.
Your individual IT policies have a lot to do with how safe you are. Using a WEP Encrypted Wi-Fi connection on the ground at Teterboro could have disastrous results for your VIP, not to mention your Satcom bill. The myth often shared by people is that hacking or identity theft is something that happens to the "other person." The sad reality is that there are always barbarians at our digital gates whether we chose to acknowledge them or not.
When I watched the movie "Hackers" in 1995, the notion of teenagers masterminding an attack on a corporate mainframe seemed pretty pie-in-the-sky. The reality though is that there have been numerous examples of children cracking into secure servers even at the DOD level. We are all under attack. The goal is not make your aircraft an impenetrable IT fortress. The aim should be to make others an easier target and prevent the most crippling attacks.
The FAA Updates 5G Guidance In Safety Alerts For Operators
Do I Need An Avionics Service Plan During Heavy Maintenance?
Don’t Go To The Las Vegas Formula One Races (Or Anywhere) Without An AOG Plan
Why Are Accurate Equipment Lists Critical To Avionics Warranty Programs?
Proper ART-2000/2100 Radar Shutdown Procedures to Prevent Unwanted Squawks