- 16 Aug, 2021
According to a recent study conducted by Eurocontrol, the aviation industry has seen an uptick in cyberattacks over the past year. The analysis discovered a 530% rise in reported or detected cyberattacks by the team over the past two years, according to Travel Daily Media.
Eurocontrol data indicates that only in 2020, 61% of all identified cyberattacks on aviation were conducted by state-sponsored cybercriminals and hackers. One or more of the reported cyberattack methods or attempts did not target safety-critical aircraft systems or passengers' mobile devices connected to the inflight internet.
The study notes that the EATM-CERT system identified or received 755 reports of cyberattacks targeting airlines last year. The majority of the attacks, around 95% of all cases, were financially motivated, and in 55% of cases, airline operators incurred financial losses as a result of the attacks. Sensitive data theft or leak accounted for 34% of all reported incidents.
The Covid-19 pandemic provided cybercriminals with the opportunity to exploit uncertainties for hacking
Eurocontrol assumes that the attackers will continue to pursue the strategies they have used over the last two years. As a result of the COVID-19 pandemic context, which affected refunds and airline ticket adjustments, researchers suspected that the rise in fraudulent websites was related to the uncertainty created by the epidemic.
The study shows that 122 of the 206 total documented cyberattacks against aircraft manufacturers were carried out by fraudsters trying to profit from their intellectual property.
It has also been shown that a number of highly visible attacks, such as the one on EasyJet in the UK, have been effective, as revealed in May 2020. Following the data breach, travel records, email addresses, and personal data of 9 million EasyJet passengers were compromised.
In addition, the data indicates an increase in ransomware attacks. The campus VT San Antonio Aerospace was attacked by ransomware in June 2020, with approximately 1.5 gigabytes of confidential data stolen.