Cyber Threats to Civilian Flights

Uploaded on 2015-07-28 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

1204airplane.jpg?w=620

Darkening clouds hang over aviation from emerging cyber vulnerabilities.

Many people are afraid to fly. Most of them fear than the plane will suffer a malfunction they have no control over midflight, as they’re sitting on it. 

In the past, the main concern was from a technical malfunction or terrorist hijacking, but one the main threats to commercial aerial transportation today is cyber attack. In the past cyber threats weren’t so substantial when it came to airplanes, as the field was fairly digital. 

Computers have only infiltrated planes in the 1970s, after the U.S. has developed the first stealth aircraft. About twenty years later, in the 1990s, computer became more and more present even in passenger planes and today the role of the computer is so central that it’s possible to say that the pilot is running the computer as the computer is running the plane. The computer controls all of the plane’s core systems in charge of its flight capabilities. Therefore, it only makes sense that the fear of cyber attack by hostile elements is keeping a lot of people very busy.
So what are the cyber dangers is today’s civilian airplane facing? David Stupples from City University in London claims that breaking in the airplane’s computer systems by the wireless Internet on deck is not possible and that the only way to get into the computer system is by injecting it with malware. 

However, even this is very hard to do since it means that one the plane’s computer programmers has done it intentionally and that’s highly unlikely since one would think that inspections and background checks are being done to prevent the wrong people from working in such important positions. 

Another way is taking over the plane after successfully integrating the malware in computers on the plane itself, but this also demands very high abilities and a high level of sophistication from the attacker. Stupples and his colleagues have conducted a research that has shown that most likely option to enter malware into a plane’s computer systems is by doing it during development by a corrupt employee backed by a large criminal body or even a country.
I-HLS: http://bit.ly/1SKGXCl

 

« US vs Hackers: Still Losing
AI is as Dangerous as Nuclear Weapons »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jiran Security

Jiran Security

Jiran Security provides data and application security solution over email, mobile device and endpoints.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

Dreamlab Technologies

Dreamlab Technologies

Dreamlab specialises in securing critical IT infrastructures. We offer qualitative support and advice for managing your infrastructure and cyber security needs.

GOVCERT.lu

GOVCERT.lu

GOVCERT.lu is responsible for the treatment of all computer related incidents jeopardising the information systems of the government and defined critical infrastructure operators in Luxembourg.

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

Data Terminator

Data Terminator

Data Terminator provide a comprehensive range of secure data destruction equipment and services are in compliance to US Department of Defense (DoD) and National Security Agency (NSA) standards.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

Sovereign Intelligence

Sovereign Intelligence

Sovereign Intelligence provides automated insight into the relative intensity of hidden Cyber, Brand, and Financial Risks to your company.

CoursesOnline

CoursesOnline

CoursesOnline.co.uk is a database listing IT security courses from providers across the UK.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

Rootshell Security

Rootshell Security

Rootshell Security is transforming vulnerability management with its vendor-agnostic Prism Platform and industry-leading offensive security assessments.

WPScan

WPScan

With WPScan, you'll be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.