Cybersecurity in Aerospace

By nature, the aviation sector is composed of complex systems of stakeholders including Airlines, Airports, Air Traffic Management, Unmanned Traffic Management, etc. The sector is undergoing major digital transformation with increased inter connectivity and dependency. As a result, new cyber threats and security breaches are emerging, requiring a more holistic approach covering proactive and reactive cybersecurity. While in other sectors the impact of cybersecurity incidents is essentially financial, in the aviation sector it has the potential to impact key aspects such as operations, compliance, reputation, or even safety.

Cyber threats are growing faster than ever, aviation is not spared

Cyber threats are in the news daily, as monitored by Thales Cyber Threat Intelligence. The aviation sector is not spared and is becoming a rising concern for cyber attackers: EUROCONTROL, EATM CERT reports on cyber in aviation (www.eurocontrol.int) note a rise in reported cyber attacks of 530% between 2019 and 2020, the number also doubling between 2020 and 2021.

Not all cyber-attacks are successful, but each one has important implications. An incident carries two potential costs: investigating the loophole and addressing the vulnerabilities exploited by the attacker. A successful cyber-attack also has significant financial implications that stem from severe service disruption, the need to rebuild more protected systems and, potentially, paying a fine for lack of adequate protection in the first place.

Cyber regulation is strengthening with additional compliance requirements by 2025

ICAO adopted Assembly Resolution A40-10-Adressing Cybersecurity Civil Aviation- during its 40th Assembly, announcing steps for improvements for all aviation stakeholders. “The resolution addresses cybersecurity through horizontal, cross-cutting and functional approach, reaffirming the importance and urgency of protecting civil aviation critical infrastructure systems and data against cyber threats, and calls upon States to implement the ICAO Cybersecurity Strategy.”

Following this strategy, in Europe, EASA presented a new cyber regulation that was adopted by European Parliament in 2022, as known as Part-IS, which will be added to nearly all existing aviation safety regulations by 2025, for them to consider cyber risks and manage them through a certified information security management system.

In addition to the above, many countries’ aviation organizations and systems have also to comply with national cybersecurity standards, especially those that are destined for critical systems.

Selecting the right partner

Cybersecurity is a central concern for aviation, regardless of the progress of their digital transition.

Protecting those systems requires building up protections adapted to aviation constraints – long certification cycle, cost savings, safety DNA – and maintaining their resilience over the time despite the evolution of threats.

Addressing these issues need not be daunting. Basic steps can be taken to protect Information Technologies (IT) and infrastructure, addressing only the most common weaknesses generally related to industry standard components - such as data networks and appliances or operating systems. However, where Operational Technologies (OT) are considered, elaborating responses to the malicious acts that are threatening them requires more than all-purpose cybersecurity knowledge; it requires area-specific expertise that Thales can bring.

To build a future we can all trust, Thales will be your strategic partner

Thales is a worldwide leader in cybersecurity. In this area, we draw on the skills of 3,500 expert engineers in cybersecurity. Today, around the world, there are nearly 50 countries, including NATO members, who use our security products and solutions as well as 9 out of 10 global Internet giants. We also give our customers access to our six cybersecurity operational centers (CSOCs) worldwide. Furthermore, Thales specializes in providing cybersecurity in critical environments including not only Aviation, but also Transportation, Space, Industry, Defence and Government.

With cyber expertise that has been recognized by IATA, as Cyber Strategic Partner for aviation stakeholders, Thales delivers cybersecurity and enables the implementation of new concepts of operations for efficiency gains. Thales has the knowledge of aerospace operational and safety constraints, strengthened by the knowledge and participation in the elaboration of the cyber regulations standard (ICAO, European Union Part-IS, European Union NIS 2, EASA, EUROCAE, NIST and local regulations).

This unique combination of Cyber expertise and Aviation expertise provides Thales with a unique position of Trusted Partner to aviation stakeholders.

Thales cyber experts are working with:

• Aviation regulators
• Air Navigation Service Providers (ANSP) for both manned and unmanned aerial systems (ATM & UTM)
• Aircraft manufacturers
• Airlines
• Airports

Thanks to in-depth knowledge and experience of the aviation sector and critical systems, Thales can offer customers the most efficient cyber-resilience, adapted to customer specific and critical aviation operations; from cyber secured by design to cyber managed services; and meeting digitalisation usage requirements.

Regardless of the customer’s cyber maturity level and cyber risk reduction need, Thales can offer: 

Expertise & Consulting services

Thales has developed an extensive suite of services such as:

• Risk assessment, according to recognized standards such as ISO 27005 or NIST SP800-30/53 or IATA IOSA, applying a working-with-customer approach, and delivering recommended roadmaps for efficient cyber-risk reduction.
• Awareness and training on cybersecurity for aviation stakeholders.
• Support to customer to implement the minimum means to comply with regulations. 

Operational services

To develop proactive cybersecurity, Thales offers:

• Cyber detection and monitoring services for both IT and OT systems customized for each aviation stakeholder, extending to Security Operations Centre and Rapid Reaction Teams to support customers in crisis management.
• Cyber Threat Intelligence feeds screening many cyber sources worldwide, on a daily basis, updated and coming from up to 6 feeds such as Thales internal CERT (CERT-IST), EUROCONTROL EATM-CERT, National CERTs and public information like NIST NVD
• Cyber vulnerability management monitoring of systems, and remediation plan adapted to each aviation context. 

Products & Systems

Thales offers built-in and in depth cybersecurity measures at product and system level, from hardening to encryption. Cybersecurity by design is the new normal and additional measures can be implemented including Big Data based analytics to correlate events across the aviation system-of-systems in order to ensure a rapid response in case of cyber event with an aviation dedicated decisional view.