Cyber Attacks Take Flight

Another_Airplane!_(4676723312)As technology becomes more prevalent and convoluted in American society, responses by the Department of Homeland Security (DHS) must adapt to the ever-changing threat of cyber attacks.  In the wake of the Sony breach by North Korea and the Islamic State (IS) hack of the Centcom twitter feed, awareness of cyber security’s impact on Homeland Security has increased.  According to a recent Government Accountability Office (GAO) report, cyber security now poses a new and more present danger.

The report on Air Traffic Control exposes flaws in newer airliners that could lead to hacks and system failures.  The implementation of the Next Generation Air Transportation System (NextGen) seeks to replace the “decades old, point to point, hardwired information systems, that share information only within their limited, wired configuration.”  The Federal Aviation Administration (FAA) shift to NextGen is a “modernization effort […] to transform the nation’s ground based Air Traffic Control (ATC) system into a satellite based Internet Protocol (IP) system” to increase efficiency.  However, the changes present cyber security challenges in three areas; 1) protecting ATC information systems, 2) protecting aircraft avionics used to operate and guide aircraft, and 3) clarifying cyber security roles and responsibilities among multiple FAA offices.

The FAA has taken several steps to address the challenges, but cyber security experts still believe more changes need to be made to ensure security.  In order to address these issues, GAO recommended that the FAA;  1) assess developing a cyber security threat model, 2) include the FAA’s Office of Safety as a member of the Cyber security Steering Committee, and 3) develop a plan to implement the latest security controls presented by the National Institute of Standards and Technology (NIST) guidelines.  The GAO believes these measures can address weaknesses and ensure the safe and uninterrupted operation of the national airspace system.

For more resources on the threats of Cybersecurity and Infrastructure Protection visit the Homeland Security Digital Library (some resources may require HSDL login).


Article formerly posted at