FAA Deploys ‘Comprehensive Approach’ as U.S. Braces for Potential Russian Hacking

The agency says it is collaborating closely on cybersecurity with the Department of Homeland Security, the Department of Defense, airports, and airlines.

Aspiring controllers undergo training at the FAA’s Oklahoma City training center. [Courtesy: FAA]

The FAA says it is deploying a "comprehensive approach" to securing air traffic facilities amid heightened warnings of possible Russian cyberattacks on U.S. businesses and infrastructure.

"The Federal Aviation Administration is responsible for securing systems and services at its air traffic facilities and has a comprehensive approach to protect them from cybersecurity threats," a spokesperson from the FAA told FLYING

"...the FAA and its partners identify cyber risks, measures to address them, and ways to increase cybersecurity."

FAA spokesperson to FLYING

"The FAA requires manufacturers to keep key control systems safe from cyber threats as part of their aircraft certification, and the FAA continuously monitors aircraft to identify emerging issues through several programs. 

"The FAA also collaborates closely on cybersecurity with the Department of Homeland Security, the Department of Defense, airports and airlines," the spokesperson said. "Through the Aviation Cyber Initiative taskforce, the FAA and its partners identify cyber risks, measures to address them, and ways to increase cybersecurity."

The statement comes as U.S. businesses and agencies brace for possible cyberattacks from Russia in retaliation to widespread international sanctions following its invasion of Ukraine late last month.

"There is now evolving intelligence that Russia may be exploring options for potential cyberattacks," White House officials said March 21. "The President has launched public-private action plans to shore up the cybersecurity of the electricity, pipeline, and water sectors and has directed Departments and Agencies to use all existing government authorities to mandate new cybersecurity and network defense measures."

U.S. government warnings come as Russia accused the U.S. and "collective West" of  orchestrating large-scale cyber attacks against its government agencies and critical infrastructure. "In fact, this cyberwar is being waged by an army of cyber mercenaries who have been given concrete combat tasks that often border on terrorism," it alleged in a statement Tuesday.

It's a charge the U.S. government officials flatly denied.

"The United States Government has not engaged in the activity described by Russia. Moscow’s statements to the contrary amount to disinformation," National Security Agency spokesperson Emily Horne told The Hill on Tuesday.

An unconfirmed report citing Russian media alleged Tuesday that hackers had targeted the Russian Federal Air Transport Agency, erasing 65 terabytes of data that included aircraft registration data and server mail. Russia's domestic flight traffic, however, did not appear to be disrupted, according to FlightRadar24.

When asked for confirmation about the claim, a U.S. Cyber Command spokesperson did not comment.

When it comes to cybersecurity in U.S. aviation, the FAA has safety oversight responsibilities for aircraft design and aeronautical products, including safety-enhancing communication and navigation systems.

"These systems rely on connectivity between an airplane and ground or space-based infrastructure," Larry Grossman, FAA's chief information security officer, told members of the House Transportation Committee in December. "The reliance upon such connectivity creates cyber risks and, since such risks could affect the airworthiness of the aircraft, requires that such risks be addressed during the certification process."

There are other risks in aviation, such as "potential vectors for ransomware" that can affect flight operations, according to Pen Test Partners, a cybersecurity research firm.

Potential attack areas include aircraft control systems, natviation databases, booking systems, maintenance, airfield, satcom, inflight entertainment, and electronic flight bags, the group said. In an exercise, the firm found that while flight systems weren't significantly exposed, it was ground systems affected by ransomware that could make flight operations either impossible or delayed.

"It’s clear to us that the size of the attack surface and attack vectors potentially available make it almost impossible to entirely prevent ransomware in the aviation industry," Pen Test Partners said. "Prioritizing critical system defenses will reduce the risk and any potential damage, in particular for systems where a backup is difficult to source or unavailable."

Kimberly is managing editor of FLYING Digital.

Sign-up for newsletters & special offers!

Get the latest FLYING stories & special offers delivered directly to your inbox