Risks to Aviation ‘Grossly Inaccurate,’ says ICAO

Risks to Aviation 'Grossly Inaccurate,' says ICAO

A 2016 cyber-attack that resulted in a major data breach for the International Civil Aviation Organization (ICAO), believed to be the work of a hacker associated with Emissary Panda, should have been prevented, according to the CBC.

Documents resulting from an extensive investigation allegedly revealed that ICAO attempted to cover up the way flaws in security strategies were handled.

"The documents obtained by CBC, which are assessment reports that include emails and an 'information security incidents summary,' show that a cyber-intelligence analyst working for an independent agency known as the Aviation Information Sharing and Analysis Center first flagged the cyber-attack on November 22, 2016."

The story also alleged that based on these documents, key members of the team of this global aviation standard-setting body who "should have prevented the attack tried to cover up how badly it was mishandled."

However, a spokesperson from ICAO said in a statement, "The purported gravity of the malware found on our servers in 2016 has been greatly exaggerated in the CBC account. ICAO regrets many of the erroneous interpretations and conclusions presented in today’s CBC article surrounding a three-year-old data security incident we experienced.

"We’re not aware of any serious cybersecurity ramifications for external partners which resulted from this incident, and as a standards-setting body, with no operational role or mandate in aviation, the inference that our data security could pose risks to the combined aviation and aerospace sectors, or the general public, is grossly inaccurate."

The ICAO also acknowledged that cyber events pose a serious threat to all companies and organizations in the 21st century, and stated that since this 2016 event ICAO has made robust improvements to its cybersecurity posture and approaches to mitigate further incidents.

"As indicated in our earlier statement, this matter was investigated immediately after it was identified, by two independent expert organizations, and then reported to our Governing Body."

One issue that might have led to the breach is that cyber-criminals are known to target employees in order to find the path of least resistance into an organization. When there are many paths, compromising government agencies, companies and industries becomes all too easy for attackers.

"It would be almost impossible for employees to recognize that an important website has been loaded with malware or even if their computers have been infected. Phishing emails are so professionally presented, it is hard even for the most savvy of users to tell the difference," said Lisa Baergen, VP of marketing for NuData Security.

Source: Information Security Magazine