The Department of Homeland Security (DHS) and its Transportation Security Administration (TSA) have issued a handful of sector-specific cybersecurity directives over the last eighteen months. The effort began as a response to the 2021 ransomware attack on the Colonial Pipeline, which became a catalyst for the first major security directive for pipeline owners and operators. This week, in response to persistent cybersecurity threats to critical infrastructure, including the aviation sector, the TSA has issued an emergency Security Directive for airports and aircraft operators.
Recent cyberattacks have driven DHS to launch a series of 60-day cybersecurity-focused sprints to operationalize security efforts and raise awareness of key cybersecurity priorities, including airlines and airport operations. Like other critical infrastructure sectors, there’s a push for each entity to make their operations a less-lucrative target – reducing risk and raising costs for would-be attackers. With threat actors specifically looking to target major airlines with ransomware, the aviation sector is realizing that it may only be as strong as its weakest link. ...read more!
