Sending shivers down the spine: the need to protect the ‘data backbone’ of the air cargo industry
Author(s): Christian Gessner, Posted on March 2nd, 2017
Cyber security is rapidly becoming one of the most pressing issues in the world of aviation. Much of the infrastructure for the industry has transitioned online and into the cloud, making it an easy target for hackers and opportunists, as many high-profile (and rather terrifying) recent examples have shown.
There is the story of the attack on the IT network of LOT Polish Airlines that grounded 10 flights, delayed dozens more and affected the journeys of over 1,400 passengers. Or the story of a man who took control of an aircraft’s navigation system by hacking the inflight entertainment.
Airports themselves and their networks have become targets. Miami International Airport was at one-point experiencing almost 20,000 hacking attempts a day – before eventually investing in cyber security countermeasures. And Los Angeles World Airports (operators of LAX, ONT, VNY and PMD) blocked almost 2.9 million hacking attempts in one year.
The rise in scale and severity of these attacks has raised awareness in the aviation sector. According to SITA Insight research, 72% of CIOs are investing in cyber security projects. With hackers becoming more sophisticated, cyber security is the next frontier of threats and challenges to civil aviation.
Addressing the cybersecurity threat
The issue of cybersecurity should be of particular concern to the air cargo sector, as the large supply chain presents points of weakness around data security and access management.
Between the shipper, the forwarding agent, the ground handling agent, the airline and their counterparts at the destination, there could be more than eight players involved in getting cargo from point to point. And when you consider customs, official organisations that might be in involved for certain cargo commodities, or veterinary services for the transportation of animals, the number of parties involved can be substantial.
At every step of the supply chain, each one of these organisations will need to have access to certain pieces of information in certain events. One of the ways in which the cargo industry will try to streamline this process is by implementing a ‘data backbone’ that connects the information of all involved parties. The shipper can upload all of the data pertaining to the shipment to the backbone, and they will be digitally available to whichever organisation needs the data further along in the process.
The dangers are very real
While the practical benefits of the data backbone are clear, in the context of the security issue there are some real concerns that need to be addressed. Protecting business data against sophisticated (and often financially backed) cyber criminals is hard to do, and it’s getting harder.
The data stored on the data backbone can be often hugely sensitive, including invoices, banking details, and the contents of shipments. If any of that information was to fall into the wrong hands, it could cause significant operational, financial and reputational damage. It may sound obvious that this data needs to be securely stored in the data backbone, but most current solutions have only standard protection measurements in place, and it is no great secret that these can be hacked.
There is also the issue of how to control who has access to which pieces of data and when. With such a large number of organisations involved in the chain, it is important that they can only access the data relevant to their role in the process. Managing the access rights of every party will prevent backdoor hacks where criminals gain access to systems via less secure organisations.
Micro-segmentation for macro challenges
Micro-segmentation is a technology solution that will be able to address these challenges for the air cargo industry. It allows organisations to quickly and easily divide a network into multiple micro-segments, each of which can function as if they were all separate networks with separate access privileges.
This means that it is much easier to manage the access rights of each player in the cargo value chain and also ensure that they can only access the information relevant to them. It also means that any compromise is contained within a micro-segment, mitigating some of the risk of a breach.
Furthermore, because micro-segmentation is a software solution, it can be rapidly and simply implemented on an existing network structure. There is no need to invest in firewalls or any other additional infrastructure.
To guarantee the security of sensitive information across the data backbone the freight industry cannot afford not to invest in these safety measures.
Unisys are attending the IATA World Cargo Symposium 2017, taking place at the Abu Dhabi National Exhibition Centre between 14th-16th March. Please get in touch if you would like to speak to one of the Unisys specialist team at the event.