Aviation cybersecurity is an increasingly important problem for not only our nation but also the whole world. From vulnerabilities in avionics embedded system critical for flight operations in an aircraft to a wider network of international airports, cyber threats are more pervasive in aviation today. Airport and airlines face millions of cyberattack attempts annually and this trend will persist. A recent report from Europe in 2021, for example, shows cyberattacks on aviation increased by 530% in a year.
Embry-Riddle Aeronautical University—Prescott, AZ, is a NCAE-C leading aviation cybersecurity education and research. It is also a National Science Foundation (NSF) Scholarship for Service (SFS) institution for aviation and aerospace cybersecurity. The Aviation Information Sharing and Analysis Center (A-ISAC) is an international, non-profit organization that fosters information sharing and collaboration between different stakeholders in the community. They enable trusted sharing of vulnerabilities, threat intelligence, and best practices so that the aviation industry’s is better prepared to manage cyber risks and incidents.
In this presentation, we will talk about a recent collaboration between the NCAE-C at Embry-Riddle Aeronautical University—Prescott and the Aviation ISAC. The collaboration aimed at designing and developing an aviation-themed cybersecurity competition and offering the competition at DEF CON Aerospace Village and Aviation ISAC Annual Summit in 2020. The goal was to raise awareness both of aviation-specific challenges for the cybersecurity community and of cybersecurity issues to the aviation ecosystem, and foster talent in the subject areas.
This NCAE-C innovated and developed a novel aviation-themed Capture-The-Flag (CTF) competition. The story involved a group of hackers attacking and compromising a tier-1 airport with insider help, including ticketing kiosks, airline servers, flight information displays, transportation security, runway lights, aircraft, and more. The competition participants are the defenders, who are required to help regain control of compromised systems, prevent an aircraft from taking off, identify the insiders, and help bring normalcy back at the airport and its surrounding airspace. The CTF focused on knowledge, skills, and abilities in cybersecurity (e.g., password cracking, log analysis, computer forensics, and ethical hacking), intelligence (e.g., OSINT), and aviation (e.g., crew, avionics, air traffic control communications, airline operations, security screening, airport information systems, and aviation cyber-physical systems).
The presentation will overview the CTF project and discuss some challenges we faced in it. For example, following the pandemic outbreak, both DEF CON and Aviation ISAC Summit went into safe mode and all-virtual. The competitions were redeveloped and offered virtually, so that participants could register and participate in the competition from their remote locations. On the other hand, both competitions were free and open to anyone in the world. We had over 200 participants from many countries participate in our cyber competition. We will also talk about some of our future work in this area.