1 Star2 Stars3 Stars4 Stars5 Stars
03 August 2016

Cybersecurity: Advantage to the defence

Cyber attacks, cyber warfare, cyber security, the list goes on. For the last decade or so, the vulnerability of information and communication systems has been the key focus of all governments, businesses and the aviation sector in particular.

However, the many concerns which are expressed so frequently on the matter must be put into perspective as they are often unfounded. Some risk does exist. Estonia was the victim of a huge denial of service attack in 2007. Tension on the international stage is often conveyed through cyber attacks. The devastating effects of the Stuxnet and Shamoon viruses which targeted Iran on the one hand, and Saudi and Qatari businesses on the other, all hit the headlines. On a less conflictual level, but still wreaking as much havoc, the Wikileaks and Luxleaks dossiers and the appearance of cyber activists like Julian Assange and Anonymous, have proven that a network of well-trained hackers can access information and communication systems inside large groups, or governments, steal the most highly sensitive information or cause malfunctions.

But these threats, as tangible as they may be, do not target all forms of ISC in the same way. And even though there is no miracle cure, nor a single remedy to protect against cyber attacks, some professions are particularly sensitive to the dangers and have taken the appropriate measures to shield themselves against them. This particularly applies to aviation, and avionics specifically.

Multiplying defences

As aviation involves the transportation of over 3 billion passengers each year, because it has a double character and security concerns are crucial, as much in civil aviation as in defence, it quickly developed processes that would allow it to take risk factors into account, right from the early stages of aircraft design and throughout development and operation phases.

On-board cyber security must be able to cope with two sources of danger. The first danger comes in the form of an instigator of hostile intentions, whatever his or her motivation may be, who may first of all cause harm by hacking aircraft information systems during a flight, in order to deny access to the tools required for navigation, whether this applies to the correct functioning of sensors or communication links between the aircraft and ground control. The second danger involves the extraordinary mass of data related to airline activity (flight operations, planned aircraft maintenance, flight plans and fleets, personal and bank account data belonging to passengers, etc.) which is a source of extremely sensitive and valuable information that needs protecting against those who would like to take possession of it for lucrative information trafficking purposes with high added value, or blackmailing purposes with regards to the legitimate holders of that information: Airlines, passengers, governments, etc.

Aviation players coordinate their actions and classification standards

Confronted with these dangers, public and private aviation players (airlines, aircraft manufacturers, FAA, EASA, etc.) are evolving in close order to increase the number of protection tools, and coordinate their actions and certification standards. They have understood that an aeroplane or helicopter is only one element within a global cybernetic environment and that safeguarding people, equipment and data must be thought out and implemented at this level. As a result, a multi-layered defence system, operating with the addition of a series of obstacles according to a method similar to the ones used in the past inside fortresses, is more and more commonplace between the companies and administrations involved.

This defence begins well before a flight. It first applies to the measures taken in order to ensure right from the design phase, that the aircraft, electronic equipment and potential information used to connect and coordinate will be designed with optimal security in mind, and can be adapted as time goes by. Element by element, system by system, defence mechanisms that will resist a cyber attack are now in development. All these cogs in the connected mechanism are tested individually, then linked together, to ensure they are able to withstand attacks, which is the ultimate condition for them to be put into service and launched onto the market. But taking these measures for aircraft, avionics, radars and communication methods is simply not enough. Still within the context of a coordinated approach, the computers, networks, and portals that transmit and store airline and passenger data must also be secured.

Of course, it is impossible to design a collection of systems that will remain ironclad forever. The shape-shifting threat is constantly evolving, and renders any hope of this nature null and void. Technology and methods are making continual progress. So a system of systems, in which each link can evolve and integrate new protection tools, using ad hoc retrofit phases must be developed.

Tracking innovation among cyber attackers

Defence system modernisation operations such as these mean gaining in-depth knowledge of the threats that exist against them. The "trends" on this market of cyber attackers require constant monitoring. Because the terms of the market may apply perfectly to one activity, which, although criminal, has nonetheless become an essential player in the parallel market, given the high added value of the information it uses and above all, that it sells... Thales, which secures 80% of dematerialised transactions in the world, is particularly well-positioned to be able to provide this monitoring and associated protection. Particularly as the Group, which is one of the European leaders in defence, has a global and additional vision of cyber security and potential cyber attacks, whatever sector is involved.

Military aviation and its associated defence organisations exist in a very compartmentalised environment, with few vulnerabilities. Yet vulnerabilities do exist. Once identified, they may be used by a State (or a non-state player, etc.) in a period of conflict. Recent statements made by Barack Obama in the Financial Times ahead of the Warsaw NATO summit are proof of that. "We need to boost resilience against new threats, including cyber attack”, said the President of the United States to the American daily newspaper.[1]

And yet the protection processes are identical, whether they apply to the civil or the military sphere. Reinforcement of inter-system communication encryption, modification of wavelengths to limit the risk of interception or data breach, frequent "resistance" tests and constant threat monitoring are the best ways to guarantee security.

Forms of defence may be split into two categories:
• Perimeter defence, which involves protecting interfaces, communication and equipment against attacks from the external environment.
• In-depth defence, which aims to identify weakened systems and improve protection on a permanent basis.
These two types of defence are likely to provide optimal defence, if all players affected by cyber concerns coordinate and implement these two forms of defence simultaneously. Cyber threats are not inevitable. Especially as once they are known and identified, it is possible to turn the attacker's own weapons against him, as much in the civil sector as the military. But that is another story.

[1] "America’s alliance with Britain and Europe will endure”, Financial Times, 8 July 2016.

Find us on Twitter @ThalesAerospace, on our official Youtube channel Onboard TV and on LinkedIn Thales Aerospace.