Dem pressures airlines for cyber defense details

Sen. Ed Markey (D-Mass.) wants to know more about how airlines and airplane makers are defending themselves from hackers that have increasingly targeted the aviation industry.

Markey, who has also helped lead the Senate’s charge to question the auto industry about its cybersecurity plans, sent letters Wednesday to 12 airlines and two airplane manufacturers pressing for details on their digital defenses.

{mosads}“As technology rapidly continues to advance, we must all work to ensure that the airline industry remains vigilant in protecting its aircraft and systems from cybersecurity breaches and attacks,” Markey wrote.

In the past year, the aviation industry has come under siege from both cyber criminals and overseas cyber spies.

In the span of several months this summer, hackers infiltrated the U.S. air traffic control system, forced airlines to ground planes and potentially stole detailed travel records on millions of people.

The incidents were enabled by an industry that increasingly relies on digital networks but has yet to develop specific cybersecurity standards.

“With these technological advancements come great benefits, including improved flight navigation, greater communications abilities, and greater operational efficiency,” Markey wrote. “However, as we have witnessed recently in the automobile industry, I am concerned that these technologies may also pose great threats to our security, privacy and economy.”   

Markey’s letter went out to American Airlines, Delta Airlines, Southwest Airlines, United Airlines, JetBlue Airways, Alaska Airlines, Spirit Airlines, Frontier Airlines, Hawaiian Airlines, Allegiant Air, Virgin America and Sun Country Airlines, as well as the airplane manufacturers Airbus and Boeing.

In each memo, Markey asked for specifics on the digital safeguards each had in place to protect features such as in-flight Wi-Fi, which security researchers have said presents vulnerabilities.

He also asked for details on cybersecurity tests and records of any previous successful or attempted intrusions in the past five years.

Markey’s queries will could result in a report on the overall state of aviation cybersecurity, similar to the paper he issued last year after sending similar letters to automakers.

Depending on Markey’s findings, his efforts could give boost to a bipartisan Capitol Hill push to mandate cybersecurity reporting in the aviation industry.

Sen. Susan Collins (R-Maine), who chairs the Appropriations subcommittee that oversees the Federal Aviation Administration (FAA), has been a leader of this cause.

“There should be a requirement for immediate reporting to the federal government,” she told The Hill earlier this year.