How to secure aviation’s connected systems

  • Writer: ESET Expert
  • 11 minutes ago

In aviation, getting more connected might take on a dangerous dimension.

There are three aspects to the aviation sector that assign it great value — IP and R&D; the human factor (e.g., talent, capacity); and finally, the connected IT systems (and their data) used to harness and scale the potency of moving people and things farther and faster.

The interdependence between aircraft, airports and global supply chains comprises multiple complex connected systems. These include everything from scheduling software, flight planning systems, air traffic control and radar to engine lifecycle management and much more. What happens when any of these systems gets exposed digitally? It’s like a plane deploying a drag chute — everything slows down fast, sometimes to a complete halt, as safety protocols kick in or damage control begins.

Key points of this article:

  1. The complexity of connected systems found at airports and in aircraft means cybersecurity in aviation is more indistinct than it should be.
  2. Internet-connected, cloud-based, and in general, third-party solutions or services within aviation supply chains that users aren’t fully in control of can considerably expand the attack surface.
  3. In the face of this, airlines, airports, logistics firms and more should shape their cyber footprints with proactive prevention in mind first.
  4. Prevention can entail anything from prioritizing the use of air-gapped and on-prem solutions, to full audits of third-party vendors and solutions in use.

Top guns…

When the first digital avionic systems such as FADEC started to be introduced in the late ’60s and ’70s, ARPANET, the predecessor of the internet, was still in its infancy. Driven by the need to win the Cold War, major U.S. aerospace companies like General Dynamics with fly-by-wire and Boeing with its first EFIS systems in use began to push the envelope to bring aviation to the forefront of technological innovation.

These days, the internet is literally everywhere, and it has not only surpassed or consumed many aviation-specific technologies but largely dictates that most new approaches are fully digital. The European Union Aviation Safety Agency (EASA) describes aviation as a “system of systems,” which is very apt, and the crux of the problem, really. The interconnected nature of modern systems coupled with the software supply chains (including cloud) providing for subsets of apps and services served for and by aviation make for a potentially lethal mix of security gaps that not even the TSA could screen for.

…and top threats

Busy locations such as London Heathrow or Berlin Brandenburg Airport thrive on continuity — like most businesses, really. Ticketing, luggage terminals, aircraft software maintenance, air traffic control and more depend on proprietary cyber tech sourced from experienced aviation software developers to keep them chugging on with efficiency.

That is, when things go well, which they often don’t. In September 2025, airports around the world found themselves ineffective when Collins Aerospace’s ARINC cMUSE software (Aeronautical Radio Incorporated, Multi User System Environment) used for passenger processing got disabled by a cyberattack. According to ENISA, ransomware is to blame, with assailants who are as yet unknown (as of the writing of this article) disrupting the automatic check-in and boarding software and demanding a ransom in bitcoin.

As the raison d’être of many aviation systems is to connect physical hardware (like planes) with digital systems (such as flight monitoring), it can result in a mess of interdependent systems from various vendors that can easily introduce visibility gaps when it comes to the cyber resilience of an airport’s infrastructure.

This case clearly demonstrates the inherent reliance of airports on third-party software, with their operators unable to resolve said incident themselves, forced to go all manual to assist airlines and their passengers.

However, connected systems are just one part of the issue. As threats can vector from multiple sides (including insiders), and target various, even human-life-critical systems, there’s a broader set of concerns to consider.

Live servicing and dependencies

It can be difficult to address bugs and vulnerabilities in externally procured software and services. Cloud software notoriously extends the attack surface, taking away opaque bits of control from in-house IT or SOC teams, delaying comprehensive remediation — exemplified by the ARINC cMUSE outage, or even the recent Salesloft Drift case.

Saleslo(s)t

Through August 2025, UNC6395 compromised hundreds of organizations through a digital supply-chain attack involving the Salesloft Drift software. By targeting the cloud-based service’s integration with major customer systems via OAuth tokens — which allow Drift to connect securely with those systems — the attackers were able to steal the tokens and exploit the trusted access to infiltrate connected environments.

ESET Research is also aware of the tenuous nature of aviation systems. In 2020, our researchers highlighted Operation In(ter)ception, in which attackers, likely from the North Korea-aligned Lazarus APT group, targeted high-profile aerospace and military companies by means of social engineering, sending bogus job offers to commit espionage, or to monetize access to the victims’ accounts. Among the malicious profiles used to lure in unaware victims were impersonated accounts of companies like Collins Aerospace.

It's all connected

You might say, “Well, they didn’t seem to focus on connected systems, but instead targeted the employees!” and you’d be right. However, social engineering can quickly supply an attacker with initial access, after which they’d be free to move within a compromised network to do as they please — like locking down systems with ransomware.

Secure in the clouds and down below

Resilience against disruptions is found in early prevention. How? Here are a few tips:

  • Before anything, check your region’s local aviation security frameworks and standards, such as the EU’s EASA rules or global standards set by ICAO. These rules create an expected baseline for aviation security.


  • Further resilience can be found in auditing your supply chain. Create a visible inventory of your suppliers, check their compliance, inquire about their incident response strategy, and establish a direct line of communication to their customer service teams for a fast response in case things go wrong.


  • Teach your employees awareness. Anyone working in the aviation industry is a high-value target due to their access to exploitable connected systems. Look for cybersecurity awareness programs that consider advanced threats like spearphishing to up your employees’ cyber game level.


  • Consider Zero Trust. Awareness might not be enough — enforce identity-based verification and curtail access to connected systems based on a “need to know” basis. This way, you can make an attacker’s attempt at lateral movement much more difficult.


  • Air-gap and put critical systems on-prem. Segment off mission-critical systems from the internet to prevent cross-contamination. There’s no reason why flight monitoring or various aircraft diagnostics tools should have to have online access. In the same vein, having important systems run on-prem can prevent cloud-vectored exploits from disrupting your operations.


  • Monitor your environment. Use AI-native detection and response solutions, or better yet, a managed service to quickly detect and respond to system anomalies that could result in large-scale incidents.

Connecting the dots

In aviation, safety has always been paramount — and in the digital age, cybersecurity is simply an extension of that principle. As connected systems continue to evolve and integrate deeper into aviation’s core operations, the industry must prioritize cybersecurity and use it as a guiding principle when implementing mission-critical connected systems. 

Whether through air-gapping, on-prem deployments, Zero Trust, or rigorous supply-chain audits, the goal remains the same: to ensure that the gears and engines of global aviation keep on turning.

Looking for advanced security? Consider what ESET Corporate Solutions has on offer — everything from managed security, through OT and embedded solutions, to professional advisory services working to keep your aviation firm flying without turbulence.


 
 
 
