Expert Comments

Experts Dots On U.S. Steps Up Scrutiny Of Airplane Cybersecurity

Expert(s): Security Experts
Expert(s): Security Experts

It has been reported that concerns that planes could be targeted in cyberattacks are prompting U.S. officials to re-energize efforts to identify airliners’ vulnerability to hacking. The revived program, led by the Department of Homeland Security and involving the Pentagon and Transportation Department, aims to identify cybersecurity risks in aviation and improve U.S. cyber resilience in a critical area of public infrastructure, a DHS official said. DHS is offering few details on the program but says it will involve some limited testing of actual aircraft.

Experts Comments

Dot Your Expert Comments
Andrea Carcano
October 01, 2019
Co-founder and CPO
Nozomi Networks

Manufacturers that take aviation cybersecurity seriously and work with hardware vendors.
The threat of cyberattacks against the aviation industry has raised concerns for a long time. Commercial airplanes often do not have the necessary cybersecurity protections in place, which leaves systems increasingly vulnerable to attack. The airline industry needs to pay closer attention to the risk of cyberattacks to their systems. This revived program led by the Department of Homeland Security is an important step forward in securing such a critical area of public infrastructure. Taking.....Read More
The threat of cyberattacks against the aviation industry has raised concerns for a long time. Commercial airplanes often do not have the necessary cybersecurity protections in place, which leaves systems increasingly vulnerable to attack. The airline industry needs to pay closer attention to the risk of cyberattacks to their systems. This revived program led by the Department of Homeland Security is an important step forward in securing such a critical area of public infrastructure. Taking this pre-emptive step will enable us to manage and mitigate against vulnerabilities and security weaknesses. Manufacturers that take aviation cybersecurity seriously and work with hardware vendors, information security experts and government officials to identify and mitigate vulnerabilities will be in the best position to ensure the security of all critical systems and customer data.  Read Less
Adam Laub
October 02, 2019
CMO
STEALTHbits Technologies

Mega-corporations with significant cyber security budgets struggle to address these threats effectively.
This legislation is not only warranted, but practically a requirement if our institutions are to have a fighting chance against these types of cyber attacks. Mega-corporations with significant cyber security budgets struggle to address these threats effectively. How could a school or local municipality even begin to do what’s needed without this kind of assistance and guidance? They simply don’t have the resources. The best part about this legislation is not just the aid in recovery if.....Read More
This legislation is not only warranted, but practically a requirement if our institutions are to have a fighting chance against these types of cyber attacks. Mega-corporations with significant cyber security budgets struggle to address these threats effectively. How could a school or local municipality even begin to do what’s needed without this kind of assistance and guidance? They simply don’t have the resources. The best part about this legislation is not just the aid in recovery if and when an attack does happen, but the focus as well on mitigating these threats through proactive assessment and fortification of school and city technology infrastructures. With this could only come greater awareness and understanding of the threats we collectively face in organizations of every shape, size, and type.  Read Less
Jonathan Knudsen
October 02, 2019
Senior Security Strategist
Synopsys

To effect real and lasting change in critical infrastructure cybersecurity.
Improving the cybersecurity of aviation and, indeed, all areas of critical infrastructure, is an admirable goal. However, a stopgap, after the fact effort to evaluate security will provide only temporary benefits. To effect real and lasting change in critical infrastructure cybersecurity, the organisations that create the software products that are used in critical infrastructure must themselves be infused with secure software development practices. This includes a software development life.....Read More
Improving the cybersecurity of aviation and, indeed, all areas of critical infrastructure, is an admirable goal. However, a stopgap, after the fact effort to evaluate security will provide only temporary benefits. To effect real and lasting change in critical infrastructure cybersecurity, the organisations that create the software products that are used in critical infrastructure must themselves be infused with secure software development practices. This includes a software development life cycle that considers security at every stage as well as the use of more and better testing tools such as source code analysis, software composition analysis, and fuzz testing.  Read Less
Tim Erlin
October 02, 2019
VP of Product Management and Strategy
Tripwire

Aviation, like many industrial environments, is generally slower to change technology than your average commercial enterprise.
It’s important to understand that aviation cybersecurity isn’t just about the planes themselves. Each airline, airport and all the interconnected systems that support air travel are part of the overall attack surface for aviation. The idea that an attacker could remotely control a plane makes a good headline, but there are much more likely compromises affecting supporting systems. Aviation, like many industrial environments, is generally slower to change technology than your average.....Read More
It’s important to understand that aviation cybersecurity isn’t just about the planes themselves. Each airline, airport and all the interconnected systems that support air travel are part of the overall attack surface for aviation. The idea that an attacker could remotely control a plane makes a good headline, but there are much more likely compromises affecting supporting systems. Aviation, like many industrial environments, is generally slower to change technology than your average commercial enterprise. That means that vulnerabilities are harder to address and the risk is likely to be present for a longer period of time. There’s significant cooperation and shared technology between the military and commercial aviation, which means that addressing risks in one is likely to benefit the other.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Expert Reaction On Go Is Becoming The Language Of Choice...

Experts On Google Voice Outage

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab...

Expert Reaction On Private Data Leaked From Far-right Platform Gab

Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab Studying...

NPower Shutsdown App After Hackers Steal Customer Bank Info