News release: April 14, 2015

Internet of Things (IoT) Presents Threat to Aviation Safety, According to Cybersecurity Expert

Alexandria, VA, April 14, 2015 – Cybersecurity strategist George M. Schu says the emerging Internet of Things (IoT) will expose the global aviation industry to vulnerabilities at a level never before seen and will have a transformative impact on the industry.

According to Schu, “While the IoT promises to introduce enormous efficiencies and enhancements to aviation just as it is to other market segments, malware, or malicious software, is used by hackers with intent to disrupt operations, steal proprietary information, or compromise privacy.”

“The aviation industry is five times more likely to be exposed to malware.  Theft of customer data, intellectual property, and airfreight data are likely top motivations for targeting users in the aviation industry,” he said.

The IoT enables automated communications between machines. The term IoT can include the type of Radio Frequency Identification tags that businesses place on products in stores to monitor inventory; the Smart Grid, which modernizes the electrical grid by harnessing digital technologies; and Internet-connected jet engines and drills on oil rigs.

“Indeed, there are great benefits to be realized for aviation with IoT — more efficient aircraft routing, enhanced traveller experience, leveraging the sharing economy and an increased number of aircraft in a more connected ecosystem of aviation,” he said, “but aviation leaders need to be cautious about how it is implemented.”

A report released this January by the Federal Trade Commission (FTC) addresses the security and privacy issues related to the IoT. Though this report is primarily focused on the impact of the IoT on the security and privacy in the consumer market, it raises issues that pertain to other markets such as transportation and aviation.

“We are at the beginning of the IoT era.  The FTC reports that six years ago, for the first time, the number of things connected to the Internet surpassed the number of people.  Estimates are that there will be 25 billion connected devices this year, and by 2020 there will be 50 billion. Related to the IoT phenomenon is the growth of Machine-to-Machine (M2M) connections,” he said.

Three and one-half billion sensors are already in the marketplace, and the expectation is that number will increase to trillions within the next decade.   Schu said the confluence of IoT and M2M connections is staggering to contemplate.  Both will drive new innovation and economies across market verticals.

In the current Annual Security Report issued by CISCO, aviation is cited in the top five market verticals most vulnerable to malware exposure.

Schu believes that aviation leaders need to ensure that standards for IoT implementation and security are adopted and strictly used, not just for the aviation industry itself, but for its partners and suppliers as well.  “Your suppliers can become your weakest link,” he said.

About George M. Schu

George Schu is a cybersecurity strategist with Stangarone & Associates, an aerospace and aviation consultancy based in Washington DC. Schu served as a Booz Allen Hamilton Partner and Senior Vice President for seven years.  He provided data integrity solutions for a large multinational financial services company and delivered regular in-person reports to the Board of Directors.  He led an initiative to help the electrical utilities industry understand cyber vulnerabilities to the electric grid.  He also led multiple businesses supporting Departments of Homeland Security, Justice and other US civilian agencies’ cybersecurity missions.

Before joining Booz Allen, Schu was at VeriSign where he was Vice President, Public Sector, responsible for building a new sales group from the ground up.  He led sales, consulting services and business development teams that accounted for substantial growth of VeriSign’s information security business.  He was also responsible for M&A efforts at VeriSign aimed at growing the government market business.  He conducted search and due diligence of technology companies to take VeriSign business to the next level. Prior to VeriSign, Schu worked for Oracle Corporation where he led a team focused on growing Oracle Information Security solutions in various enterprises.  He had a track record of successfully creating demand for Oracle products through innovative marketing, solution selling and thought leadership.