It is clear that advances in satellite, antenna and ground technologies are all enabling more connected aircraft around the globe. Whilst the addition of passenger aircraft to the Internet is revolutionizing inflight entertainment and communications (IFEC), now there are calls for gathering more real-time data on aircraft location and operations to enable airlines to operate their flights more efficiently.
My colleague, Intelsat chief information security officer Vinit Duggal, was part of the ‘Cyber Security How Can a Connected Aircraft Manage This Threat?’ panel at the Global Connected Aircraft Summit in Chantilly, Virginia, where he and fellow panelists discussed how network security must be a prime concern for airlines that want to fully embrace the advantages that connectivity can deliver inflight.
“Satellite communications are a complex ecosystem, and we’re marrying it to the aircraft, another complex ecosystem,” he said. “This will create more targets for bad actors that want to break into the network. Communications architecture is very important, and sometimes they are built so quickly to get to market that security is overlooked.”
The concern is heightened due to fears about airline terrorism. This was raised to new levels in 2015 when a cybersecurity consultant claimed he had hacked into an aircraft network via the IFE system and then issued commands to the aircraft’s engines. Vinit emphasizes and I concur that the simplest way to alleviate passengers’ fears about such a scenario is for airlines to make sure that the IFE and aircraft operations are using completely physically independent networks.
When security is working correctly, it’s a partnership between the provider and the client, meaning there are responsibilities that lie with the satellite providers and ones that lie with the airline. As the only satellite operator that has gone through independent auditing firm KPMG and completed a Service Organization Control 3 (SOC3) review of security controls, Intelsat is well-suited to work with airlines in securing wi-fi networks and alleviating passenger concerns. Beyond that, as wi-fi connectivity rapidly becomes more widespread, airlines will need to be open and willing to discuss the threat landscape, what they are facing and how they are managing the exchange of data that passes through their networks.
As Duggal said, “A good security posture is not defined by what it stops but how it reacts when threats are found.”