Airline security has just entered a new era with news that on Saturday cybercriminals hacked the communications network on a commercial flight and tried to divert the plane to a fake destination and into the hands of the gang.
On Sunday, EL AL Israel Airlines confirmed the attack on one of its planes. During the attack, instructions were given to the El Al crew that differed from their set route, alerting them to the possibility that terrorists were planning to crash the plane or that their attackers were planning a kidnapping.
However, despite the nationality of the airline concerned, the motive behind hacking into the airline’s communications is thought not to have been primarily political. Although the attack took place over an area where Iran-backed Houthis are known to be active, it is believed that the hackers are most likely based in Somaliland, which last month signed a controversial territorial agreement with neighboring Ethiopia.
El Al commented: “The disturbances are not aimed at El Al planes and that this is not a security incident. The disruption did not affect the normal course of the flight thanks to the professionalism of the pilots who used the alternative means of communication and allowed the flight to continue on the planned route.”
Airlines make doubly-tempting terrorist targets
For the last 20 years, commercial airlines have mostly had to cope with cyber-attacks involving fake websites, data theft, phishing, and ransomware attacks. Their wealth and high visibility make them mouth-watering targets for cybercriminals, who garner an estimated €1 billion a year from fraudulent websites that are indistinguishable from the real thing and are used to separate gullible airline customers from the contents of their bank accounts.
But airlines, just as much as power facilities and phone networks, are a crucial part of any nation’s critical infrastructure. The national flag-carrying airlines make doubly tempting targets for terrorist groups, as bringing down a flag-carrying aircraft would also be seen as a major political win for the terrorist side. In the past, airlines have been prime targets for the most devastating of terrorist attacks, notably 9/11 and the Pan Am attack 13 years earlier.
The increasing digitalization of airline services over recent years has exponentially increased the number of entry points for determined and skilled hackers. In order to remain competitive in a global marketplace, airlines are being constantly forced to expand their digital footprint in order to offer customers increased online convenience. But this comes with a hefty cybersecurity price tag as terrorists and hostile nation-states look for weak points in Western infrastructure.
Commercial airlines may, therefore, soon have to follow in the footsteps of the US Air Force, which has recently embarked on a cybersecurity recruitment drive and is reintroducing warrant officer ranks exclusively “within the cyber and information technology professions.”
