European air traffic control organisation Eurocontrol is investing in new systems that it hopes will make it harder for cyber attacks to disrupt its services, after Russia’s KillNet group claimed to be behind a DdoS attack in April.
Speaking to FINN, Steven Moore, Eurocontrol’s head of ATM Network Operations, said the DDoS attack saw over 90 million hits attempted on the group’s external websites – though not the website that Eurocontrol uses to convey operational information.
While Eurocontrol’s website did suffer interruption, the cyberattack did not disrupt any flight operation, and safety was not compromised.
Eurocontrol is now investing in state-of-the-art software that will be in place by next year and which Moore hopes will be better able to repel such attacks in the future, should they occur.
“Our new software is designed to be secure by design, whereas our existing software is a little more secure by obsolescence – because it was designed in the 1990s,” he said.
“We have all the protections in place, but eventually when our new system finally rolls out it will be one of the most secure ever.”
Eurocontrol cyber security
A recent Eurocontrol think paper warned that the European aviation industry was being increasingly exposed to rising levels of risk, as criminals, hackers and state- sponsored cyber-attackers look to “exploit vulnerabilities, cause chaos, and above all, fill their pockets at the expense of the aviation sector, with airlines and the flying public firmly in their sights”.
As a result, the organisation has called for digital identities to be better safeguarded, including through the EACP (European Aviation Common Public Key Infrastructure), a solution currently under development by Eurocontrol and its partners.
Moore added: “Cyber is a big issue for any aviation stakeholder, be it an airline where credit card details get potentially taken or personal information, or be it an ANSP.
“It’s a cat and mouse game with organised cybercrime groups, but we have a very good anti cyber department that works closely with all the stakeholders in the network to ensure we remain at the forefront.”
Subscribe to the FINN weekly newsletter