THE POLITICS OF AIRLINES: EMERGING TRENDS IN CYBERCRIME
Governments and business organizations rely on the use of computer systems to
provide and manage a set of services such as transportation, billing, and revenue
collection, among others. The emergence of the interconnection of services and
service providers have boosted many operational features, that benefits people.
However, this has expose the threat of Internet-related criminal activities, making
consumers vulnerable to them. Cybercrime involves the use of technological tools
like computers, tablets, phones, and internet connectivity to carry out malicious
activities in the cyberspace, such as malware, phishing, spamming, and hacking,
to steal data (financial information or credentials). The transportation system,
particularly airline booking, is vulnerable to these kinds of attacks and requires an
objective approach to explore ways to mitigate and counter such threats.
Types of cybercrime in the aviation
Cybercrime falls into two categories:
1. Active: if someone uses a computer to commit a crime without authorization.
2. Passive: when someone uses a computer to track data traffic and steal
information.
Any application on the internet can be encoded with a virus and other malicious
programs. Criminals usually exploit online chatting platforms to steal users’ IDs,
sell and request more information from hackers in the Dark Web. Another pattern
used is email compromise, where a virus, malware, or spyware can be use to
damage user data and devices in minutes. It may also be used to steal user
information or company files and secretly send it to the hacker, or a virus. A virus
can destroy documents by erasing files or essential information on the computer.
Hacking is one of the most dangerous forms of cybercrime often done on a large
scale and has an intense focus on community security. Piracy is the unauthorized
access to devices and systems. Attacks in transport like unauthorized access to the
airline systems can disrupt or destroy of passenger databases, or access financial
information of the companies or passengers. There are two main categories of
these attacks; human-based deception and technology-based deception.
Technology-based deception involves a user interacting with another via a
computer, where one party obtains user data by convincing the user an application
has a problem, aiming to get confidential information. Meanwhile, human-based
deception simply exploits the victim’s ignorance. An example of technology
based deception is the 2011 hacking of CAMAIR-CO.
In 2011, Camair-Co, Cameroon’s leading airline, was breached by hackers
who managed to book several flight tickets using a travel agency’s
trademark. They succeeded in booking about 500 flight tickets. This incident
prompted the state to focus on cybersecurity, with MINPOSTEL and ENIX
(the cybersecurity structure) working to secure national and international
entities from cyber breaches.
Ethical hackers and penetration testers are still underutilized in some Sub-Saharan
Africa countries, which is one reason for the rising internet penetration and
increased vulnerability of states and individuals.
The disappearance of the Malaysian passenger plane MH370 goes back to a
technical failure that could have resulted from someone tampering with the
computing system. Therefore, passenger safety is of utmost importance,
requiring prevention of emerging cyber threats like weaponized drone
attacks and cyber terrorism.
Intervention methods must involve experienced penetration testers (pentester) to
verify the vulnerability of aviation industry networks and services, and work with
ethical hackers for breach response and emergency recovery of data compromised
by criminals.
Travel companies working with the aviation sector must deploy multi-layered
security for databases, servers, and website features to prevent defacement.
In as much as planes have black boxes that can be recovered after crashes, it’s
necessary for airlines to install security features like spy cameras and voice
recorders that can be activated remotely to send real-time images in case of
hijacks, disappearances, or accidents.
Conclusion
Aircraft security can be redefined using cybercrime attribution, a process that
analyzes cybercriminal patterns by examining computer language, code, and
network activity to create scientific evidence establishing the basis of attribution.
The aviation industry and its affiliates, in coordination with pentesters, cyber bug
bounty and ethical hackers can easily detect possible technical vulnerabilities
exploitable by malicious intruders. Securing civil aviation requires all
cybersecurity actors and innovative techniques to track and mitigate incidents in
real-time. Thus, the policies, security protocols, and military narratives on
counter-terrorism, cyber espionage, and weaponized drones used by state and
non-state actors need to be amended to counter new challenges.
Read
Alsaidi A, Gutub A, Alkhodaidi T (2019) Cybercrime on Transportation Airline.
J Forensic Res 10: 449.
S. Obia (2021) Hacking as a Socio-Political menace in Cameroon. Journal of
Scientific Papers ‘‘Social Development and Security’’, vol.11, No.6,-2021
