The airfreight industry finds itself facing a rapidly growing threat. Efficient and quick transport of goods is essential in a fast-paced, global economy – and hackers know that. As the technology sector evolves at an accelerating pace, cyber security is becoming an increasingly critical issue. And while cyber attacks targeting airlines and passengers’ personal data might be more common and widely reported, air cargo is also at high risk.
Data gathered by Resilinc’s EventWatchAI – an AI-powered supply chain risk monitoring system – revealed a 24% YoY increase in the number of cyber attack alerts across all industries it monitors in the first half of this year. And the aerospace industry, specifically, saw an even more alarming jump of 64%. In fact, aerospace was the fifth largest industry impacted by cyber attacks in all of 2022.
In the last few years, several high-profile cyber attacks on airports have been carried out globally. Last year, for instance, airport ground services and air cargo operator Swissport was hit by a ransomware attack that disrupted operations at Zurich Airport in Switzerland. And in a more recent incident, Europe’s air traffic control authority Eurocontrol had to battle a cyber attack claimed by pro-Russian hackers. Although there was no disturbance to air traffic at the time, this posed a serious threat to European aviation.
The airfreight supply chain is vast and complex, making it particularly vulnerable to disruptions. It relies on tens of thousands of small and large companies that support the industry in various ways, from parts manufacturers and airport IT system providers to cleaning services, runway maintenance providers, and auditors. All it takes is for one critical component of this chain to be disrupted and it can have a cascading effect on the entire industry.
Any vendor or agency that continues to utilise outdated systems is at risk. Operational technology (OT) systems are an emerging area of cyber vulnerability. Many OT systems are simply old and have many security issues. Even newer OT systems, such as IIoT systems, can be challenged due to poor security practices like default administrator passwords, connections to open Wi-Fi networks, etc.
The industry must prioritise cyber security efforts. As it becomes increasingly interconnected and reliant on technology, safeguarding against cyber threats becomes not just a necessity but a fundamental part of operations. By taking proactive steps to secure their systems and supply chains, companies can ensure that they continue to protect their operations from the dangers of cyber attacks and the disruption they cause.
As many of these attacks show, it’s not just a single company’s systems that require constant cyber security diligence. All parties, including sub-tier suppliers and vendors, are equally important in this puzzle.
So, what should aviation businesses be doing to proactively protect themselves against future disruption?
One crucial step for businesses is to run in-depth cyber assessments of internal Information Technology (IT) systems and Operational Technology (OT) systems. These can expose vulnerabilities and pave the way for enhanced security measures. By hiring trained cyber security experts and implementing robust processes, organisations can keep systems updated on an ongoing basis.
In addition, airfreight companies should map their entire supply chain to gain a clear understanding of the suppliers in their direct and indirect networks. Collecting information on and running assessments of cyber security processes, starting with their immediate vendors, will allow them to identify suppliers with vulnerable processes and systems. They should then work together on a joint plan to address emerging security issues on a regular basis.
Businesses should also invest in AI-powered tools that provide continuous / monitoring of cyber security risk and other disruptions that can impact their supply chains. Such solutions can enable proactive cyber risk mitigation, resulting in overall lower risk and/or reduced impact when an incident does occur. Having real-time insights into potentially disruptive events, keeping information up-to-date, and promptly collaborating with vendors in response to emerging problems is essential.
In the same way that evolving technology helps to improve safety and streamline operations, its rapid acceleration can also bring increased risk for aviation companies and airfreight. Businesses need to continually step up their cyber security efforts with proactive measures if they want to effectively fortify their supply chains against this threat.