Hackers take on unsuspecting airliners, exposing customer data
Hackers have a newfound interest in gaining access to airliners’ customer information
Cyberattacks have been on the rise since the coronavirus pandemic took hold. Most recently, threat actors have identified a new target, airliners. According to Cyware, hackers’ newfound interest in airliners suggests they’re interested in accessing passenger data.
“Hackers are increasingly targeting airlines, due to their huge dependence on computer networks for everything from customer-facing activities such as bookings and support, to vast back-office functions which often affect multiple entities involved in the aviation business,” Cyware explained in its report.
If you’re an avid reader of the news, you likely know hackers most recently targeted EasyJet. In a statement released in response to the hack, the airliner admitted hackers had breached its systems and gained access to customers’ email addresses and travel details. Up to 2,208 customers also had their credit card details exposed during the breach.
EasyJet isn’t the only airliner to fall victim to hackers. In January, hackers gained access to SpiceJet’s systems, exposing the private information of 1.2 million customers. Transavia, a low-cost Dutch airliner, also suffered a cyberattack earlier this year that exposed 80,000 passengers’ data.
According to SITA, though, only 35% of airlines and 30% of airports are prepared to face such attacks. Fortunately, authorities have been steadfast in encouraging airliners to consider breach detection and prevention services.
Cathay Pacific Airways Limited can attest to this, as the airliner was recently fined £500,000 by the UK's Information Commissioner’s Office after failing to secure customer data. Unfortunately for the airliner, the lack of protection led to approximately 9.4 million customers’ personal data being exposed.
When all is said and done, airliners can mitigate their exposure to nefarious hackers through encryption software and multifactor authentication when dealing with sensitive customer details. Providing employees with adequate training to avoid such incidents has its benefits too.