Cybersecurity Challenges for NATO Military Air Transport Operations
Copyright (c) 2025 Paráda István, Tóth András
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Abstract
The aviation industry's increasing reliance on technology has led to concerns about state-sponsored cyberattacks, which pose cybersecurity challenges for both military and civil aviation. This paper analyses NATO's military air cargo capabilities. It examines relevant civil aviation cyberattacks as case studies in light of potential cyber threats to NATO military aviation. Summarising these findings, the authors conclude their implications. They then use an analytical-evaluative method to identify categories of cyberspace assets that are key to protecting aviation IT infrastructure and highlight the differences and overlaps between IT-OT and Platforms in a military context. In addition, a comprehensive presentation of ways to effectively defend civil and NATO military aviation systems against cyber-attacks will be presented, which is essential to ensure a secure aviation system and address evolving cyber threats.
Keywords:
How to Cite
References
Anomali Threat Research (2019): Weekly Threat Briefing: Spam Campaign Uses Recent Boeing 737 Max Crashes to Push Malware. Anomali, 2019. március 19. Online: Weekly Threat Briefing: Spam Campaign Uses Recent Boeing 737 Max Crashes to Push Malware
ANTONIUK, Daryna (2023): Airbus Investigates Data Leak Allegedly Involving Thousands of Suppliers. The Record, 2023. szeptember 12. Online: https://therecord.media/airbus-data-leak-suppliers-breachedforums
BHARGAVA, Amit Kumar (2024): Cybersecurity in Aerospace: A Military Perspective. Blue Yonder, 1(1). Online: https://journals.capsindia.org/index.php/byj/article/view/48
BRITTON, Niki (2022): ‘Cyber Incident’ Affected Flight Planning. Boeing Subsidiary Jeppesen Apparently Targeted. AOPA, 2022. november 9. Online: www.aopa.org/news-and-media/all-news/2022/november/09/cyber-incident-affected-flight-planning
BRYANT, William D. (2015): Resiliency in Future Cyber Combat. Strategic Studies Quarterly, Winter, 87–107. Online: https://www.airuniversity.af.edu/Portals/10/SSQ/documents/Volume-09_Issue-4/Bryant.pdf
BRYANT, William D. (2016): Mission Assurance through Integrated Cyber Defense. Air & Space Power Journal, 30(4), 5–17. Online: https://www.airuniversity.af.edu/Portals/10/ASPJ_Spanish/Journals/Volume-29_Issue-3/2017_3_04_bryant_s_eng.pdf
DUVELLEROY, Matthieu (2019): Airbus Statement on Cyber Incident. Airbus, 2019. január 30. Online: https://www.airbus.com/en/newsroom/press-releases/2019-01-airbus-statement-on-cyber-incident
GATES, Dominic (2018): Boeing Hit by WannaCry Virus, But Says Sttack Caused Little Damage. The Seattle Times, 2018. március 28. Online: https://www.seattletimes.com/business/boeing-aerospace/boeing-hit-by-wannacry-virus-fears-it-could-cripple-some-jet-production/
HOOD, James D. (2009): NATO Strategic Airlift: Capability or Continued US Reliance? Maxwell Air Force Base, Air Command and Staff College Air University. Online: https://apps.dtic.mil/sti/tr/pdf/ADA539589.pdf
HUNORFI, Péter – PARÁDA István – FARKAS Tibor (2024). Kiberbiztonsági kihívások a légi közlekedésben. Hadmérnök, 19(1), 101–120. Online: https://doi.org/10.32567/hm.2024.1.6
ILASCU, Ionut (2023): LockBit Ransomware Leaks Gigabytes of Boeing Data. Bleeping Computer, 2023. november 12. Online: www.bleepingcomputer.com/news/security/lockbit-ransomware-leaks-gigabytes-of-boeing-data/
ILLING, Dawn (2023): The Cyber Threat Landscape Of The Aviation Sector. Skyradar, 2023. március 28. Online: https://www.skyradar.com/blog/the-cyber-threat-landscape-of-the-aviation-sector
KALIVODA, Michal – DEFAZIO, Alexander (2017): Defending NATO’s Aviation Capabilities from Cyber Attack. JAPCC, 2017. január, Online: https://www.japcc.org/articles/defending-natos-aviation-capabilities-from-cyber-attack/
KLINT, Matthew (2022): Breaking: Boeing’s Jeppesen Subsidiary Hit with Potential Ransomware Attack. Live and Let’s Fly, 2022. november 3. Online: https://liveandletsfly.com/boeing-jeppesen-ransomware-attack/
MEGYERI Lajos – FARKAS Tibor (2017): Kockázatkezelés, tudomány vagy kuruzslás? Hadmérnök, 12(3), 198–209. Online: https://real.mtak.hu/64731/1/1.Farkas_Hadm%C3%A9rn%C3%B6k2017.pdf
NATO (2022): Multi Role Tanker Transport Capability (MRTT-C) Factsheet. Online: https://www.nato.int/nato_static_fl2014/assets/pdf/2022/9/pdf/2209-factsheet-mrtt.pdf
NATO (2023): Vilnius Summit Communiqué. Online: https://www.nato.int/24cps/ge/natohq/official_texts_217320.htm
NATO (2024a): Strategic Airlift. 2024. március 7. Online: https://www.nato.int/cps/en/natohq/topics_50107.htm
NATO (2024b): Washington Summit Declaration. 2024. július 10. Online: https://www.nato.int/cps/cn/natohq/official_texts_227678.htm
NYITRAI Mihály (2016): Eredmények a szövetséges stratégiai légi és tengeri szállítóképesség erősítése terén. Hadtudományi Szemle, 9(2), 73–94. Online: https://tudasportal.uni-nke.hu/xmlui/handle/20.500.12944/14008
OPPELAAR, Isaiah (2023): NATO’s Multinational MRTT Unit An Update and Case Study for Future Defence Cooperation. The Journal of the JAPCC, 35, 25–31. Online: https://www.japcc.org/articles/natos-multinational-mrtt-unit/
RAJ, Aaron (2023): Boeing Hack: Should the Airline Manufacturer Negotiate with Cybercriminals? Tech Wire Asia, 2023. november 6. Online: https://techwireasia.com/2023/11/boeing-hack-should-the-airline-manufacturer-negotiate-with-cybercriminals
ROBIN, Miriam (2023): Cyber Risk Disclosures in Crosshairs as SEC Charges SolarWinds with Fraud. Intelligize, 2023. november 16. Online: https://www.intelligize.com/cyber-risk-disclosures-in-crosshairs-as-sec-charges-solarwinds-with-fraud/
SIPOSNÉ KECSKEMÉTHY Klára (2019): A NATO biztonsági beruházási programja Magyarországon. Honvédségi Szemle, 147(2), 27–40. Online: https://real.mtak.hu/125189/
SZARVAS László (2008): Stratégiai Légi Szállítási képesség – egy új többnemzeti megoldás. Nemzet és Biztonság, 1, 60–76. Online: https://www.nemzetesbiztonsag.hu/cikkek/szarvas_laszlo-strategiai_legi_szallitasi_kepesseg___egy_uj_tobbnemzeti_megoldas.pdf
SZÁSZI Gábor (2015): A Magyar Honvédség légiszállító képességének változása napjainkig, a fejlesztés jövőbeni lehetpségei. Economica, 8(4/2), 216–227. Online: https://doi.org/10.47282/ECONOMICA/2015/8/4/2/4607
THEOCHARIDOU, Marianthi – STANIC, Zoran – DROUGKAS, Athanasios – DE SOUSA FIGUEIREDO, Ricardo – TSEKMEZOGLOU, Eleni – NAYDENOV, Rossen – LELLA, Ifigeneia – MALATRAS, Apostolos szerk. (2022): ENISA Threat Landscape: Transport Sector. ENISA. Online: https://doi.org/10.2824/553997
THURBER, Matt (2022): Jeppesen Planning, Chart Products Suffer ‘Technical Issues’. AIN Online, 2022. november 4. Online: www.ainonline.com/aviation-news/business-aviation/2022-11-04/jeppesen-planning-chart-products-suffer-technical-issues
UKWANDU, Elochukwu – BEN-FARAH, Mohamed Amine – HINDY, Hanan – BURES, Miroslav – ATKINSON, Robert– TACHTATZIS, Christos – ANDONOVIC, Ivan– BELLEKENS, Xavier (2022): Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends. Information, 13(3), 3–5. Online: https://doi.org/10.3390/info13030146