Kiberbiztonsági kihívások a légi közlekedésben: – Kronológiai folyamat a Boeing elleni kibertámadások tükrében

Hunorfi Péter; Paráda István; Farkas Tibor

doi:10.32567/hm.2024.1.6

Cybersecurity Issues in Aviation

– Timeline of Cyber Crimes against Boeing

Hunorfi Péter
https://orcid.org/0009-0000-3578-1909
Paráda István
https://orcid.org/0000-0002-3083-6015
Farkas Tibor
https://orcid.org/0000-0002-8868-9628

doi: 10.32567/hm.2024.1.6

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Abstract

In this article, the authors present an information subsystem of air transport, its IT solution, as well as its potential cyber threats and risks. To this end, the authors determine certain IT components of air transport with particular regard to communication, data link, and onboard flight systems, such as the so-called electronic flight bags (EFB), which have special significance due to cyber incidents. Following this, the authors describe the cyber
attacks that occurred recently at Boeing, including their chronological order, and then, by summarising all these, they inductively draw logical conclusions about their impacts, as well as about new forms of response against the attacks.

Keywords:

aviation EFB NOTAMS Boeing Cyber Defence Ransomware

How to Cite

Hunorfi, P., Paráda, I., & Farkas, T. (2024). Cybersecurity Issues in Aviation: – Timeline of Cyber Crimes against Boeing. Military Engineer, 19(1), 101–120. https://doi.org/10.32567/hm.2024.1.6

References

A repülésben használt NOTAM-ok különböző típusai [é. n.]. Online: https://hu.motonoticias.com/different-types-notams-used-aviation-82278

ATEŞ, Savaş Selahattin (2017): Electronic Flight Bag in the Operation of Airline Companies: Application in Turkey. Computer Science and Information Technology, 5(4), 128–134. Online: https://doi.org/10.13189/csit.2017.050402

BABB, Tyler A. (2017a): Professional Pilot Commercial Off-the-Shelf (COTS) EFB Usage, Policies and Reliability. International Journal of Aviation, Aeronautics, and Aerospace, 4(1), 1–29. Online: https://doi.org/10.15394/ijaaa.2017.1159

BABB, Tyler A. (2017b): Electronic Flight Bag Policies at Collegiate Aviation Programs. International Journal of Aviation, Aeronautics, and Aerospace, 4(4), 1–22. Online: https://doi.org/10.58940/2374-6793.1190

Boeing Subsidiary Jeppesen Suffers Cyberattack (2023). Binary Defense, 2023. április 18. Online: https://www.binarydefense.com/threat_watch/boeing-subsidiary-jeppesen-suffers-cyberattack/

BRITTON, Niki (2022): ’Cyber Incident’ Affected Flight Planning. Boeing Subsidiary Jeppesen Apparently Targeted. AOPA, 2022. november 9. Online: https://www.aopa.org/news-and-media/all-news/2022/november/09/cyber-incident-affected-flight-planning

Cyber Attacks on the Aviation Industry in 2022. Statistics: Ransomware, Data Breaches, DDoS Attacks (2023). KonBriefing, 2023. február 28. Online: https://konbriefing.com/en-topics/cyber-attacks-2022-ind-aviation.html

FLORENT, R. (2020): Aerospace Cybersecurity: Building Resilience in the Hailstorm. CyberInflight, 2020. május 10. Online: https://www.cyberinflight.com/?p=1081

GATES, Dominic (2018): Boeing Hit by WannaCry Virus, But Says Sttack Caused Little Damage. The Seattle Times, 2018. március 28. Online: https://www.seattletimes.com/business/boeing-aerospace/boeing-hit-by-wannacry-virus-fears-it-could-cripple-some-jet-production/

GATLAN, Sergiu (2023): Boeing Confirms Cyberattack Amid LockBit Ransomware Claims. Bleeping Computer, 2023. november 2. Online: https://www.bleepingcomputer.com/news/security/boeing-confirms-cyberattack-amid-lockbit-ransomware-claims/

GONDA Zsuzsanna (2005): Repülési informatika. Bicske: SZAK. Online: https://real.mtak.hu/170257/1/Gonda-Zsuzsanna-Repulesi-Informatika-konyv-SZAK-Kiado-2005-NJSZT-publikacio.pdf

HORVÁTH József (2020): A repülés elleni kibertámadás. Hadmérnök, 15(3), 179–196. Online: https://doi.org/10.32567/hm.2020.3.10

ILASCU, Ionut (2023): LockBit Ransomware Leaks Gigabytes of Boeing Data. Bleeping Computer, 2023. november 12. Online: https://www.bleepingcomputer.com/news/security/lockbit-ransomware-leaks-gigabytes-of-boeing-data/

KLINT, Matthew (2022): Breaking: Boeing’s Jeppesen Subsidiary Hit with Potential Ransomware Attack. Live and Let’s Fly, 2022. november 3. Online: https://liveandletsfly.com/boeing-jeppesen-ransomware-attack/

KOVÁCS László (2023): Hadviselés a 21. században: kiberműveletek. Budapest: Ludovika.

OHME, Marty (2014): Use of Tablet Computer as Electronic Flight Bags in General Aviation. Aviation / Aeronautics / Aerospace International Research Conference, 37. Online: https://commons.erau.edu/aircon/2014_Challenges_Facing_our_Industry/january-17-2014/37

ÖZKAN, N. Fırat – AKSOY, Emre – ŞENSOY, Gökberk (2021): Evaluation of Jeppesen and Garmin Electronic Flight Bags (EFBs) Applications in Terms of Cognitive Workload and Availability. International Journal of Multidisciplinary Studies and Innovative Technologies, 5(1), 36–45.

PEREDY Zoltán – VENCZEL Márk (2020): Nemzetközi repülőterek kiberbiztonsági kihívásai. Repüléstudományi Közlemények, 32(2), 165–180. Online: https://doi.org/10.32560/rk.2020.2.12

Personal Wings [@PersonalWings] (2022): Aviation Cyber Security and Recent Boeing Jeppesen Ransomware Hack. YouTube, 2022. november 6. Online: https://www.youtube.com/watch?v=RhLeTHTKxoU

PUFAHL, Alexander (2022): Global NOTAM Campaign. Online: https://www.icao.int/NACC/Documents/Meetings/2022/AIMTF5/AIMTF5-P04.pdf

RAJ, Aaron (2023): Boeing Hack: Should the Airline Manufacturer Negotiate with Cybercriminals? Tech Wire Asia, 2023. november 6. https://techwireasia.com/2023/11/boeing-hack-should-the-airline-manufacturer-negotiate-with-cybercriminals/

SUPPIAH, Saravanan et al. (2020): Impact of Electronic Flight Bag (EFB) on Single Pilot Performance and Workload. International Journal of Aviation, Aeronautics, and Aerospace, 7(4), 1–14. Online: https://doi.org/10.15394/ijaaa.2020.1531

SZABÓ Sándor – TÓTH Rudolf (2013): Repülőterek kialakítása, létesítményeinek kritikus elemei, védelmük lehetséges műszaki megoldásai. Repüléstudományi Közlemények, 25(2), 89–113. Online: www.repulestudomany.hu/kulonszamok/2013_cikkek/2013-2-07-Szabo_Sandor-Toth_Rudolf.pdf

THURBER, Matt (2022): Jeppesen Planning, Chart Products Suffer ’Technical Issues’. AIN Online, 2022. november 4. Online: https://www.ainonline.com/aviation-news/business-aviation/2022-11-04/jeppesen-planning-chart-products-suffer-technical-issues

TÓTH András (2022): A digitális állam információbiztonsági kihívásai. Budapest: Ludovika.

U.S. Department of Transportation (2015): Federal Aviation Administration: Advisory Circular, 90-100A. Online: https://www.faa.gov/documentLibrary/media/Advisory_Circular/AC_90-100A_CHG_2.pdf

ZEE, Mark (2022): Jetplanner, FD Pro, Charts – Down. OPS Group, 2022. november 3. Online: https://ops.group/blog/jetplanner-fd-pro-charts-down/