An Australian security researcher has concluded that threats from cyber attacks against the aviation industry are now second only to natural disasters where airline safety and security is concerned.
Hackers even pose a more imminent threat to airline security than traditional terrorism threats for which the majority of airline security measures are now geared.
"The next generation of cyber threats may directly affect aviation equipment, not simply stealing credit cards and denying travelers access to online booking sites. For the future, cyber-threats will be more diversified and take the form of multi-stage and multi-dimensional attacks that utilise and target a variety of attack tools and technologies," Pure Hacking's chief technology officer Ty Miller said.
Miller makes reference to a new breed of malware that can actually cause physical damage to systems and equipment, as best exemplified by the recent emergence of the Stuxnet virus.
"For example, the latest generation of web worms uses a variety of different zero-day exploits, propagation methods, and payloads to inflict physical damage."
Stuxnet is a highly sophisticated designer-virus that wreaks havoc with SCADA systems which provide operational control for critical infrastructure and production networks, and was responsible for damaged equipment at Iran's Natanz uranium enrichment facility.
Stuxnet was designed for a specific purpose, and Miller anticipates that the use of designer malware and targeted attack methodologies will become increasingly commonplace, and that the airline industry is particularly vulnerable.
"There is no doubt that targeted hacking attacks are on the rise, however sophisticated conspiracies to steal data and takeover networks from either nation state, terrorist or individual are occurring more rapidly across the board in every industry. The issue with the aviation sector is that it implicitly relies on systems that require a highly secure, safe environment," Miller said.