Monday, November 9, 2015

As cyber-risks abound, airline industry seeks Israeli help

IATA, the largest international airline group, will work with Tel Aviv University to improve on- and off-line security for its members
By David Shamah, The Times of Israel


The International Air Transport Association (IATA) has signed an agreement with Tel Aviv University under which a new joint center for innovation in aviation will be established in order to
develop technologies to protect airline reservations systems, authentication for security purposes, and financial systems, as well as to develop ways to run airlines more efficiently using big data and advanced intelligence.

Two weeks ago, the New York Stock Exchange was shut down for nearly four hours for still-unexplained reasons – possibly, according to some experts, due to hacker activities. That incident generated headlines all over the world, but there was a second unexplained outage as well on July 8 – the grounding of all flights by United Airlines for nearly an hour. Was it due to hacking? A United Airlines official said there was “no indication that this was caused by an outside entity,” but it wasn’t the first time United – or flights by other airlines – were grounded for “unexplained” reasons.

That airlines are vulnerable to hackers is well-established. In June, for example, planes were grounded in Poland after hackers breached the network at Warsaw’s Chopin airport, causing delays that affected some 1,400 passengers. In May, United removed a passenger from a flight after he apparently hacked into a plane’s navigation system via its entertainment system. And in January, Malaysia Airlines saw hackers break into its website.

And airlines realize just how vulnerable they are. In May, United announced a Bug Bounty contest, inviting hackers to test its online systems to find weaknesses. Last week, the airline awarded a million frequent flier miles to two hackers were able to find vulnerabilities. While he couldn’t share the specifics of the hack (to prevent details of the vulnerabilities from coming out), Jordan Wiens, one of the winners, said that the bugs were somewhat “lame” – an indication that the system may not have been very well-protected.

Realizing it has a problem, IATA – which represents 260 airlines that are responsible for 83% of the
world’s airline flights – has teamed up with Tel Aviv University to develop security systems in a variety of areas. With the agreement, IATA joined the companies’ forum of Tel Aviv University’s cyber center, and helped organized an international cyber-security conference that took place at Tel Aviv University last month. As part of the joint activity, IATA’s representatives, together with Ramot and Tel Aviv University’s international cyber center, will identify technologies and information that are relevant to the field of international flight.

Prof. Raanan Rein, vice president of Tel Aviv University, who signed the agreement on behalf of the university, said that it was another important step in the university’s links with international companies and industry.

“The agreement with such a large and important organization as IATA demonstrates Tel Aviv University’s leading role in the fields of entrepreneurship and innovation, as well as in research,” said Rein.

Kobi Zussman, CEO of IATA Israel, said that like hundreds of international bodies, IATA and the world of flight also wish to benefit from Israeli high-tech academic capabilities. “We are convinced that our collaboration with Tel Aviv University will be most valuable for the flight industry,” he said.