Cyber Threat to Bizjets Growing, Warns Satcom Direct
The idea that a jet's flight controls could be hijacked in flight by hackers continues to capture public imagination. Aircraft manufacturers insist it is impossible - but this does not mean that aircraft are immune from cyberattacks. Indeed, there is a risk that the confidence operators can have over security of the cockpit systems may lead to complacency in the rest of the aircraft.
"On the ground you have a PC, it has a VPN [virtual private network], which is ultimately probably as safe as you can get," says Michael Skou Christensen, vice-president of Satcom Direct International. "But you also have an iPad, your phone, and all of these different devices. And when you have an airplane, you can really never guarantee 100% who will walk on that airplane, and what devices that they will bring on, and whether they bring a threat or a risk with them. Which means that to fight the technology war, safeguards on the technology on a device is never going to work for private aviation."
To emphasize the point, Christensen posits a hypothetical scenario.
"If you walk onto a private airplane and you ask the principals to hand over all of their devices so that you can make sure that they follow your IT compliance, you will get a less than friendly answer in return," he says. "It's difficult to defend on a device level on board the airplane; so we could see that we needed to defend on an airplane level instead of on a device level."
This led the company to develop its threat-monitoring system for business jets, which will detect any attempts made by devices on board the aircraft to connect to the outside world using unauthorized routes, or which are trying to send or receive data to or from servers known to be used as command nodes or data-receiving hubs by threat actors. The system categorizes threats into three risk profiles, with the highest-level threats prompting immediate action by Satcom Direct's team, who will alert the operator and automatically prevent data being sent or received by the affected device.
"You can still not guarantee that there won't be a risk on board your airplane," Christensen says. "But what we can tell you is that we create an umbrella of security, so that if you have a threat on board, it's contained within the airplane."
SD's customers are offered two types of help: technical solutions to mitigate the risks, and training to try to assist bizjet users in understanding the nature of the threats they face.
"We'll go in [to customers' premises] and evaluate their set-up, the way they act," Christensen says. "If it's a very small flight department we might explain the risks and propose changes; we might go all the way to writing [new] procedures and best practices. In some cases you have very sophisticated operators with a huge IT department: there it's more of an exchange of views and practices. We ultimately build a bridge between the IT department and the corporation's airplane operation."
Visibility of activity across its user base - which now includes around 600 aircraft - means SD (Booth 115) has a large and growing database of real-world information about cyber incidents on board business aircraft. The figures show a significant year-on-year rise, and, according to a company release, 81% of the 600 supported aircraft "experienced a cyber event that has been thwarted by the SD service."
Some of these events may have been nothing more than an alert that a device infected with a common piece of irritating but not particularly dangerous malware had been brought on to an aircraft. Nevertheless, the baseline observation - that threats are real, and becoming more prevalent - is clear.
Deeper questions, such as whether specific users or companies are being targeted, are harder to answer. This is partly because hackers are upping their game.
"Cyber criminals have become a lot more professional in their approach," says Christensen. "They're much better organized, and they're well funded."
And while operators carrying political leaders or public servants may have to worry about targeted attempts to use hacking for espionage purposes, the factors motivating attacks against the more typical business-jet traveller are rather less esoteric, and fundamentally easier to understand.
"There's definitely a cyber war going on, and there's definitely an increase in targeting the kind of customers who will fly on a private jet," Christensen says. "The high-net-worth individuals that fly on these airplanes are prime targets for cyber criminals."