Complaints about delayed and cancelled flights, lost luggage, and customer service problems are nothing new in the airline industry. However, what isn’t often discussed are the cybersecurity incidents that can have serious implications for both airlines and their passengers.
The complexities of modern aviation, which involve a mix of legacy and new technology, create a difficult environment to secure. Aviation systems rely heavily on machine learning and artificial intelligence, augmented reality, cloud technology, and the Internet of Things, which all increase the potential attack surface. In addition, older protocols that are less secure are still in use in critical functions, providing opportunities for adversaries to exploit.
Moreover, airlines typically rely on a multitude of service providers to manage various aspects of their operations. A supply chain issue in how the software applications are built or a hardware flaw in the systems can have far-reaching impacts, potentially affecting the safety and security of aircraft and their passengers.
The number of cybersecurity incidents in the aviation industry is on the rise, with more than 40 reported in 2020 alone. These incidents include distributed denial-of-service (DDoS) attacks, data breaches, and ransomware attacks. Major airlines such as British Airways and Cathay Pacific have fallen victim to large data breaches, and a compromise at global aviation industry IT supplier SITA impacted airline bookings. Even pilot application data for American and Southwest Airlines was stolen through a recruitment portal in 2023.
Recognizing the growing cybersecurity problem and the need to modernize its technology operations, Cathay, a travel lifestyle brand that includes major airline Cathay Pacific, has made the decision to replace its infrastructure with a focus on cybersecurity.
The COVID-19 pandemic highlighted the limitations of Cathay’s aging infrastructure, prompting the need for a new, modernized approach. One of the first steps taken was replacing a 40-year-old multiprotocol label switching (MPLS) network, which was struggling to keep up with bandwidth requirements and provided limited visibility and inadequate security. The replacement solution needed to be cloud-based and capable of managing the demands of a modern infrastructure while providing end-to-end visibility across various resources.
After careful consideration, Cathay opted for a secure access service edge (SASE) solution, which was chosen for its data-centric capabilities and its ability to reduce the need for users to bypass existing security controls. This change was crucial in light of the limitations of traditional network perimeters in a cloud-native environment.
The SASE approach uses a zero-trust security model, which is essential in controlling devices, identity-based access, and networks. This approach also provides networkwide security protection, which was important as the company transitioned to remote work and focused on employee engagement and experience.
The decision to implement Aryaka’s unified SASE solution was made after extensive proof-of-concept experiments. With the new solution in place, Cathay will be able to ensure that all security events across different locations are logged and acted upon, using behavior analysis and secure web gateway capabilities. Additionally, the solution will provide role-based policies and safe browsing regardless of the browser used, location, or network.
As the pilot phase of the implementation is finalized, the team is looking ahead to the full integration of the SASE solution with more than 400 applications in the public cloud. The transition will significantly change how traffic is routed, moving from a system where all traffic originates from headquarters in Hong Kong to connecting with the nearest Aryaka hub or circuit, and then back to the cloud provider. This new approach will provide increased efficiency and security for the airline.
Cathay Pacific’s decision to embrace SASE represents a significant step forward in addressing the cybersecurity challenges faced by the aviation industry. Other airlines, including Qatar Airways, United Airlines, and Qantas, are also moving in the direction of SASE, signaling a shift towards a more secure and modernized approach to technology operations.
Looking ahead, Cathay plans to make further security enhancements by bringing security closer to end users, upgrading firewalls, and software web gateways in its data centers and public cloud environment. These efforts aim to ensure that the airline remains at the forefront of cybersecurity and can provide a safe and secure experience for its passengers.