The global air transportation system is a critical part of society. A key feature of the system is its high level of connectivity between different stakeholders and its increased digitalisation; however, the more digitalised, the more there is the risk of cyber-attacks. The challenge is to keep the system cyber-resilient – to keep risk at an acceptable level despite cyber-attacks.
This data snapshot shows the number of ransomware attacks which affected aviation in 2021 and 2022 (ransomware is a type of malicious software designed to block access to a computer system by encrypting its files until a sum of money is paid). The timeline on the left shows how many incidents have been reported in Europe on a quarterly basis. As can be seen on on the right, the majority of incidents impacted original equipment manufacturers (OEMs).
Since 2021, we have had a clearer idea of the scale of the problem thanks to more incidents and events being shared by European aviation stakeholders with EUROCONTROL/EATM-CERT (our Computer Emergency Response Team). On the global level, similar patterns emerge; we are aware of approximately 2.5 reported ransomware attacks per week on aviation-related organisations.
Ransomware is a worrying category of cyber-attacks; cyber criminals have changed their strategy to focus on companies able to pay large sums (so-called “big game hunting” – the ransom is around 5% of the annual revenue). As shown, ransomware mostly affects the extensive aviation supply chain. This has disruptive consequences on the whole sector, beyond the company being directly affected.
Since early 2022, the conflict in Ukraine has affected the activity of some ransomware groups. As a significant number of these groups rely on Russian resources, some groups re-oriented their activities into cyber-attacks supporting Russian forces and propaganda. Thus the number of attacks in Europe dropped down to 73. However, we do expect to see an increase in ransomware incidents again in 2023.
When stakeholders subject to a ransomware incident share information about such an attack with EATM-CERT, they help improve the cyber-resilience of the overall European aviation – as EATM-CERT can inform other stakeholders about the techniques that each ransomware group systematically uses.
Embraer SA’s push into a market long dominated by Boeing Co. and Airbus SE is bearing fruit in equity markets, as a flow of new orders from North America and…
View ArticleRyanair Holdings Plc said Boeing Co. has taken steps to accelerate delivery of some 737 Max jets this summer, potentially alleviating the bottleneck created from a slower pace of output.
View ArticleThailand and New Zealand have agreed to resume direct flights after the pandemic shut air connectivity as leaders of the two countries vowed to triple bilateral trade in the next…
View ArticleBoeing Co., which builds planes for presidents and holds billions in government contracts, is at risk of losing its unmatched clout in Washington.
View ArticleBoeing Co.’s safety culture will come under public scrutiny today as two separate Senate hearings pore over a whistleblower’s claims of poor assembly processes and shortcomings revealed in an extensive…
View ArticleAir New Zealand Ltd. will “work constructively” with Boeing Co. to secure its 787 Dreamliners and has faith the US planemaker can deliver on its order even as it faces…
View ArticleIndustry updates and weekly newsletter direct to your inbox!