2018 was a big year for cyber-attacks, with movie studios, universities, and governments all being subjects to disruptions of varying sizes. Marriot hotels experienced a breech of 500 million records, exposing the travel and hospitality industries as new targets for cybercrime; the hotel guests’ information was stolen in a data breech that was detected on September 10th, 2018 though it could have started as far back as 2014. British Airways was another victim, or their customers to be more precise, when personal information from 380,000 users was stolen, alongside credit card information. It’s not just data breeches that caused troubles, cybercriminals took what they could get with many aiming for pure disruption without explicit financial benefit.
With this in mind Sungard took a closer look at the rate of airline outages in the US, uncovering shocking numbers in the process. The data looked back to 2007 to track the rate of outages across the US airline industry. The numbers started out low, with 2007 recording three outages, while 2008 and 2009 saw just one per year. Fast forward to 2011 and the number rose to five, peaking in 2015 with eleven outages overall. in 2016, nine outages were recorded; six in 2017; ten in 2018, and three so far in 2019. The trend is not linear but the presence of outages every year does confirm that airlines are the major new targets for cyber-attackers.
The most widely deployed attacks are of the DDoS style, which stands for Distributed Denial of Service. What happens during a DDoS attack is that hackers flood an organisation’s systems with so many communication requests that it overwhelms the servers, resulting in disruption of normal functions. Airlines are sensitive to these types of attacks since so many of their operations take place on line, making them vulnerable at many different points. Another possible reason is that airlines simply haven’t taken their cybersecurity as seriously as they should have from the start.
The problem is of course not isolated to the US, with attackers targeting international airlines too. When it happened to the Polish airline LOT, its chief executive Sebastian Mikosz said, “This is an industry problem on a much wider scale, and for sure we have to give it more attention.” Adding, “I expect it can happen to anyone anytime.”
Typically, the attacks don’t cause immediate danger to passengers as they don’t affect systems used by aircrafts while they’re in the air. Still, the disruptions are certainly annoying for all involved. They ground flights thanks to the knock-on effect of disruption and intricate flight schedules keeping all airports running. Some flights end up being rescheduled whilst others are altogether cancelled, causing issues for hundreds of passengers and costing airlines profits alongside reputation. While profits are recoverable, reputation is much harder to restore as passengers who experience disruption with a particular airline will view it as unreliable, choosing to avoid it for their next journey.
Airlines must wise up to the increased rates of attacks if profits and reputation are to remain intact. This can be done by targeting security, so that attackers aren’t able to cause disruptions in the first place, increasing resiliency, while also looking at recovery procedures to minimise downtime.
Travellers need to take extra precautions too. Travel insurance is a good bet when it comes to adding a layer of security to journey plans. Airlines that have undergone multiple mergers are more sensitive to cyberattacks due to merged patchwork of systems that are easier to exploit. Additionally, scheduling flights in the morning and choosing non-stop routes where possible, is safer, since afternoons and evenings see most of the server loads spike.