Flight to quality: cyber risks in aviation

The systemic CrowdStrike downtime event on July 19 highlights a critical, and often overlooked, aspect of the aviation industry: its profound reliance on sophisticated IT infrastructure.

While the consequences of the incident are still unfolding, its immediate impact on global IT operations underscores the significant vulnerabilities that come with digital interconnectedness. In an industry where efficiency and precision are paramount, such disruptions can have cascading effects, grounding flights, stranding passengers and creating a ripple of operational chaos across the globe.

IT infrastructure in aviation

Modern aviation is heavily dependent on advanced IT systems for nearly every aspect of its operations. From booking and ticketing, to air traffic control and in-flight communications, digital systems are the backbone of the industry.

These systems are designed to create efficiencies, streamline operations and enhance the overall passenger experience. However, they also expose the industry to significant risks, acting as single points of failure. These can sometimes be triggered by oversights or accidents, but also can be exploited by malicious actors. The CrowdStrike incident serves as a stark reminder that sometimes cyber or technology events are simply mishaps, but mishaps that point out critical vulnerabilities within the system.

The aviation sector’s critical role in global connectivity and national security makes it a prime target for cyber attacks. Malicious cyber threats are at the forefront of industry concerns, with the potential to disrupt operations, compromise sensitive data and endanger passenger safety. A survey by the Cyber and Emerging Risks Study Group (CERSG) of the Inter­national Union of Aerospace Insurers underscores the urgency of addressing these emerging risks, while leveraging technological advancements to safeguard the future of aviation.

Re/insurers in the CERSG survey ranked cyber risk as third among the top threats to the aviation sector over the next five years, behind geopolitical stability and war. For 2024, the most urgent risks for aviation operators and airports are air traffic control issues, war/malicious acts, and GPS spoofing.

The aviation sector’s critical role in global connectivity and national security makes it a prime target for cyber attacks. Malicious cyber threats are at the forefront of industry concerns, with the potential to disrupt operations, compromise sensitive data and endanger passenger safety

GPS jamming and spoofing are sophisticated cyber attacks that interfere with aircraft navigation systems, potentially leading to mid-air collisions or deviations from flight paths. Recent incidents have highlighted vulnerabilities in the aviation sector’s reliance on satellite navigation, necessitating robust countermeasures. The US Federal Aviation Administration and other regulatory bodies are, increasingly, focusing on developing and implementing technologies to detect and mitigate such threats.

Artificial intelligence (AI) technologies are enhancing risk assessment models, providing more accurate and timely insights into potential threats. Machine learning algorithms can analyse vast amounts of data to identify patterns and predict future risks, enabling proactive measures. For instance, predictive maintenance systems powered by AI can monitor aircraft health in real time, reducing the likelihood of in-flight failures and enhancing overall safety. However, AI systems can be targeted by cyber criminals to manipulate input data to deceive the algorithms, so the development of robust AI security protocols is essential to ensure the integrity and reliability of these systems.

Horizon scanning

Over the next five years, the aviation sector must navigate a spectrum of threats, including geopolitical instability, increasing catastrophic events and the persistent challenge of a global recession. The CERSG survey highlighted several key cyber risks that demand immediate attention from aviation operators and airports.

Upgrades to air traffic control systems: modernising air traffic control systems is critical to enhancing operational efficiency and safety. Legacy systems are increasingly vulnerable to cyber attacks and upgrading to more secure, advanced technologies is imperative.

Mitigation of malicious acts: the threat of geopolitical conflicts and targeted malicious acts poses significant risks to aviation operations. Comprehensive risk management strategies must include contingency planning and collaboration with international security agencies.

Countermeasures against GPS spoofing: developing and implementing technologies to detect and counteract GPS spoofing is crucial. This includes investing in alternative navigation systems such as inertial navigation systems and enhancing satellite security.

Reduction of attritional ground incidents: ground incidents, including runway incursions and ground handling errors, represent significant safety risks. Implementing AI-driven surveillance and monitoring systems can help reduce these incidents by providing real-time alerts and automated responses.

Effective airspace management: the rise of unmanned aerial vehicles and electric vertical takeoff and landing aircraft, necessitates advanced airspace management solutions. Integrating these new technologies into existing air traffic frameworks while ensuring safety and security is a complex challenge.

The industry must invest in advanced cyber security infrastructure, which includes adopting cutting-edge technologies, such as blockchain for secure data transactions, quantum encryption for enhanced communication security and AI-driven threat detection systems.

Effective cyber security requires collaboration between all stakeholders, including aviation operators, insurers, regulatory bodies and technology providers. Joint efforts in sharing threat intelligence, developing industry-wide standards and conducting regular cyber security drills can enhance the sector’s resilience.

Amid these challenges, the aviation insurance industry is poised to seize substantial opportunities, particularly via the strategic application of AI. AI’s potential to refine policy wordings, enhance contract analysis and bolster risk management is immense. Moreover, it promises to revolutionise underwriting processes, leading to more accurate risk assessments and streamlined claims processing. AI can analyse large data sets to identify trends and correlations traditional methods might overlook. This enables insurers to develop more precise risk profiles and tailor coverage options to specific needs.

Continuous adaptation

The dynamic nature of cyber threats necessitates continuous monitoring, adaptation and updating of policies. Regulatory frameworks must evolve to address emerging risks and organisations must remain agile in their cyber security strategies. Regular audits, vulner­ability assessments and incident response planning are vital components of a robust cyber security posture.

In this increasingly complex landscape, knowledge-led underwriting is indispensable. For insurers, the ability to understand and anticipate emerging risks is important. This involves not only leveraging technological advancements like AI, but also cultivating a deep understanding of the unique challenges faced by the aviation industry. Insurers must engage in continuous education, stay updated with the latest trends and threats and build strong relationships with industry stakeholders.

By adopting a data-driven, proactive and strategic response to emerging cyber risks, insurers can develop more effective policies that cater to the specific needs of aviation clients. Knowledge-led underwriting empowers insurers to offer tailored coverage, optimise risk management strategies and provide invaluable insights that help aviation operators mitigate risks. This approach ensures insurance products evolve in tandem with the changing threat landscape.

The CrowdStrike incident serves as a reminder of the vulnerabilities inherent in the aviation sector’s dependence on IT infrastructure. Whether through malicious attacks or inadvertent failures, these events expose critical points of failure that can disrupt global operations. By addressing these vulnerabilities head on and investing in robust cyber security measures, proactive monitoring and risk management strategies, the aviation industry can safeguard its operations and ensure operational continuity in the face of evolving threats.

Bruce Carman is chief underwriting officer at Hive Underwriters