By Ajay Kapur, New Delhi. September. Modi’s India saw a new phrase which seems to have caught the attention of the world. ‘Digital India’ aims to tranform India into a ‘digitally empowered society and knowledge economy’ which will strengthen the brain of India , leading to a globally compatible India. And the credit of this goes to the Internet which not only is all-pervasivebut also the lifeline of the modern world.
E-Commerce, E-Banking, E-Governance and E-Education has helped the business growth by creating new opportunities but has also given birth to a trillion dollar industry of cyber security. And this is because internet is not altogether a safe place and cyber-attacks on banks, large financial and manufacturing organisations, industries, even other nations, are no longer alien terms.
The aerospace, defense, and intelligence verticals are considered one of the most complex and integrated systems of information and communications technology (ICT) globally and are the most potential target for large-scale cyber-attacks. With the continual and rapid integration of new technologies, aviation industry keeps expanding, changing, and becoming increasingly connected, however, so do our adversaries and their threats. And without the appropriate cyber security measures in place for this evolving threat, the industry may be at high risk.
Aviation sector is very crucial to the global economy which carries over 2.6 billion passengers a year and 48 million tons of freight through its reliable, safe, and efficient transportation network. Aviation’s global economic impact is estimated at $2.2 trillion or 3.5% of global gross domestic product (GDP) according to AIAA cyber framework August 2013.
Currently, growing threat to the safety and security of the global aviation system lies in cyberspace through the various actors focused on malicious intent, the theft of information, profit, and political motivations. There is no a common vision, or common strategy, goal, standards, implementation models, or international policies defining cybersecurity for commercial aviation.
Commercial impacts to the businesses due to Cyber-attacks are costing more than $400 billion yearly. Market research firm Gartner says global spending on IT security is set to increase 8.2 percent in 2015 to $77 billion, while India has the world’s second largest population, and a very small cybersecurity economy. But it is a nation to watch for cybersecurity market growth. According to a PwC report India’s cyber security market size in India will jump to $1 billion USD in 2015 (from an estimated $500 million USD last year) which is anticipating as 100 percent year-over-year growth.
The computer based systems is used in almost every aspect of civil aviation operations – ranging from sophisticated air navigation systems, on-board aircraft control & communications systems, airport ground systems including flight information and security screening, to simply inventory and day-today office data management systems and have been going on for many years now. Similarly, cyber threats such as computer viruses and more malicious deliberate attacks on computer systems by hackers and other adversaries are not new occurrences.
With the continued growth of the global civil aviation industry, the increasing number of air travellers, development of new, larger and more modern airports as well as the introduction of new and more sophisticated aircraft, there will certainly be greater use of IT systems as well as more advanced computer-based systems in all aspects of civil aviation operations.
More significant work has been accomplished in cybersecurity by The National Institute of Standards and Technology (NIST), the Federal Information Processing Standards (FIPS), the International Organization for Standardization (ISO), and the Information Systems Audit and the Control Association (ISACA) Control Objectives for Information and related Technology (COBIT) have developed standards that provide the industry with best practices.
Recently Raytheon has won a $1 billion contract from the US department of Homeland Security to Provide Mission Critical Cybersecurity Solutions as the prime contractor and systems integrator for the agency’s Network Security Deployment (NSD) Division for providing full lifecycle development and sustainment support for initial 5 years with the ability to extend some orders for up to an additional 24 months.
Similarly European Aviation Giant Airbus signed a strategic partnership with French IT service company Atos to develop security systems against cyber-attacks, and increase their stake in “the growing cyber security market estimated to be worth $84 billion” or 75 billion euros by 2016.
The Indian Government is also likely to set up a co-ordination center to curb cyber-crime costing Rs 500-crore (US $76 million) to have advanced application to monitor social media activities related to Ministries of Home, External Affairs, Defense and other government organizations, PTI reported.
This move comes after an expert committee, set up to prepare a roadmap for effectively tackling cyber-crime in the country. Among the recommendations, the committee suggested the government set up ‘Indian Cyber Crime Coordination Centre’ (ICCCC) at the national level having branches in all states with the linkages to CCTNS and NATGRID, the two database having information related to various kinds of crime and criminals.
One of the priorities of ICCCC will be how to check attempts of international gangs to penetrate Indian government official communication network and hack them. The committee also suggested to reduce dependence on foreign servers and ensure one dedicated secure gateway for all government communication. The expert group was constituted by the Home Ministry on December 24, 2014.
Ensuring a secured aviation system and staying ahead of evolving cyber threats is a shared responsibility, involving governments, airlines, airports, and manufacturers. It is critical that all of these members adopt a collaborative, risk-informed decision-making model to set goals and define a cybersecurity framework and roadmap to strengthen the aviation system’s resilience against attacks.