Airworthiness or business?

Davide MARTINI • 17 February 2022
in community Cybersecurity

Is the attack affecting the airworthiness, the safety of flight, or (just) the business?   

I believe this is the key question for many cybersecurity in aviation professional and for sure this is the key questions for me @EASA. 

Is the TA2541 group activity a big concern for aviation? 

I would love to read your comments on this. 

Comments (3)

Cyrille Rosay

Good question. To my opinion they can be independent or not, subject to the attack path and target. There are several possible combinations, for example, a disruption of an IT infrastructure may impact the operations without effect on the airworthiness or the safety.

Constantina Galani

According to the researchers, the participants of the group TA2541 have very low qualifications, care little about the secrecy of their actions,often use ready-made malware and have been operating since 2017 from Nigeria. So, i believe that their target is to gain money with random and to expose the company, rather to occur safety issues.

alessandro cicchelero

Probably business has always been considered the main cyber actor goal, but if we push the concept to cyber war we need to consider the safety of flight as well. Nowaday, moreover, being some technology available at a very low price on the market (I meant for example Software Defined Radios) an relevant knowledge available on public domains, we need to consired that some malicius actor could act also for bravery demonstration affecting again the safety of the flight. I'm quite surprised that no incident (as far as I know) has been recorded and identified with this last cause. I think that differently form other sectors someone can leverage the fact that the Aviation sector has a big inertia in changing and retro fitting something that has been designed thinking in a trusted environment is quite a challenge.

You are not allowed to comment on content in a group you are not member of.

View group