Following a rise in cyber-attacks over the past several years, the United States Transportation Security Administration (TSA) has unveiled new cybersecurity regulations to overhaul digital infrastructure across the aviation industry.

Infrastructure changes

In a statement posted Tuesday, the federal agency issued a new emergency amendment to its airport and airline cybersecurity requirements, mirroring a similar policy brought in for passenger and freight rail operators in October 2022.

Cybersecurity has become a hot topic within the US over recent years after a rise in cyberattacks hitting private companies and government agencies. In October, 14 major US airports were targeted during a distributed denial of service (DDoS) cyber-attack, leaving them briefly inaccessible, though airport operations were not impacted. New policies, including a Biden-Harris administration-led National Cybersecurity Strategy, have since been proposed to strengthen the US’ cyber resilience.

The TSA has highlighted the urgency of its implementation, noting the growing cybersecurity threats against the country’s digital infrastructure, particularly within the aviation industry. TSA Administrator David Pekoske, said:

“Protecting our nation’s transportation system is our highest priority, and TSA will continue to work closely with industry stakeholders across all transportation modes to reduce cybersecurity risks and improve cyber resilience to support safe, secure, and efficient travel."

“This amendment to the aviation security programs extends similar performance-based requirements that currently apply to other transportation system critical infrastructure.”

American Airlines' passengers checking in at Las Vegas Harry Reid Airport
Photo: RYO Alexandre / Shutterstock

Four “actions” have been laid out by the TSA, including developing network segmentation policies and controls, creating more robust access control measures to prevent breaches, implementing systems to consistently monitor and detect threats, and applying security patches and updates to critical software and drivers.

When implemented, the measures are set to enhance the industry’s ability to defend against digital attacks, signaling a significant ramp-up from previous TSA and Cybersecurity and Infrastructure Security Agency (CISA) requirements, which focused more on crisis response than prevention.

Expanding policy

Outside of the US, all airlines have at least begun planning major cybersecurity initiatives across the industry by 2024 alongside general IT modernization plans. Similarly, according to data compiled by SITA, around 94% of airports have started investing in cybersecurity programs, topping the list of high priorities in the short term ahead of Cloud and remote IT services.

SAS Scandinavian Airlines Airbus A321
Photo: sockagphoto/Shutterstock

Get all the latest aviation news right here on Simple Flying.

In February, Scandinavian carrier SAS's servers became the target of the hacktivist group "Anonymous Sudan", knocking its website offline and leaking vital customer information linked to its mobile application. The airline urged its customers to avoid logging in after customers were given access to the wrong accounts.

Less than two days later, seven German airports, including Düsseldorf (DUS), Nuremberg (NUE), and Dortmund (DTM), were hit by a similar cyber-attack, bringing down its web traffic, but not affecting general operations. The German government’s Federal Office for Information Security previously identified the country’s threat level for cybercrimes as high, citing increased alert from Russian-based hackers after the invasion of Ukraine. Germany’s largest airports, Berlin (BER), Munich (MUC), and Frankfurt (FRA), were not affected by the attack.

What are your thoughts on the TSA’s latest cybersecurity announcement? Let us know in the comments.

Sources: Reuters, The Economic Times