
NAIA Recap

The document discusses risks to airport operations including dangerous situations like fires or chemical leaks. It also mentions the potential risk of hacking automated aviation systems which could have catastrophic consequences if aircraft could be remotely controlled. Overall the document is focused on ensuring the security of airport operations and infrastructure.

Uploaded by

Edwin Paala

Resiliency of the NAS • Management of NAS Infrastructure and Technology Management

Challenges:
• Technical: existing and emerging systems support the needed function and performance requirements.
• Operational: proactively maintain and evolve the NAS through robust designs, implementation, maintenance and logistics methodologies.
• Schedule: develop an overall framework to incorporate outcomes into function and performance requirements, risk and opportunities strategies, research & development tasks, and inter-agency partnerships.
• Organizational: consolidate resiliency efforts and contingency strategies.

• Technical: How will the future NAS support resiliency? What are the NAS elements (services, facility, systems and workforce) and risks that impact operations and constrain the NAS from meeting resiliency goals?
• Operational: Is a NAS availability of C sufficient to meet our NAS resiliency goals?
• Technical: Do the NAS CNS-ATM systems have a sufficient functional architecture and appropriate level of performance to provide services when needed to meet NAS resiliency goals?

Resiliency is defined as the ability of a system to maintain an acceptable level of service during system failure scenarios and/or degraded facility conditions and to prevent or mitigate impact to air traffic operations.

NAS Infrastructure & Technology Management

Challenges:
• Schedule: technology rate of transformation (long acquisition timeline vs. fast technology market cycle time).
• Organizational: technology-centric strategies that bias acquisitions and technical refreshes.
• Driven by cost and schedule at expense of function and performance.
• Current culture of technology-based driven acquisition.
• Reactionary vs. proactive strategic planning.
• Availability of resources and time for analyses to be completed before program initiation.
• Organizational: leverages rapid capability office structures and processes.

Key Questions:
• Capability: Can the use of system-of-systems modeling techniques in the AMS process enable the ability to forecast future infrastructure needs?
• Organizational: Can the systems engineering process support the technical discovery and application of new technologies, new uses for existing technologies and increased collaboration between CNS-ATM asset owners/operators and consumers?
• Organizational: How to best link the Top-Down (theoretical) with the Bottom-Up (reality) approach while leveraging insights on customer behavior and emerging trends to inform the macro infrastructure agenda.
• Policy: How to develop a benefits case that balances stakeholders moving towards a “quad bottom line”:
  ◦ Improved performance (capacity, reliability, availability, service delivery)
  ◦ Greater social benefits
  ◦ Improved environmental benefits
  ◦ Better financial return

It is no secret that organisations across the globe are routinely confronted with a vast array of
sophisticated cyber-threats and attacks. However, with cyber-attack occurrences increasing at an
alarming rate and as the rapid evolution of novel cyber-threats persists, organisations are starting to
look at cybersecurity through a new lens of severity. One study analysing 1,200 large organisations
across 16 countries reveals that the number of material breaches rose 20.5% from 2020 to 2021, and
cybersecurity budgets as a percentage of firms’ total revenue jumped 51%. Undeniably, as cybersecurity
reaches a critical inflection point, CIOs and CISOs must enhance their understanding of cybercrime and
its recent evolution.
How have cyber-crimes evolved in recent years?

Olsson explains, “Digitisation is increasing year after year, and the number of computers and internet accesses per inhabitant is exploding. Therefore, the number of vulnerable people and access points is increasing.”

“As the economic benefits of complex cybercrime become greater, organised crime groups are becoming far more likely to engage in this type of crime,” he continues. “This, in combination with the fact that it has become easier to hide one’s identity and transactions and operate from countries with whom we do not exchange information, makes it more attractive as the risk of being arrested is extremely small.”

How have cyber-crime prevention plans adapted to this evolution?

“Both internationally and nationally, the importance of Private-Public-Partnership (P3) is highlighted because the police themselves cannot solve the situation. As such, cross-border cooperation is required not only between police authorities, but with all other sectors of society,” Olsson says. “The issue of enabling these crimes is increasingly raised in media and political agendas, enabling legislation to be adapted (albeit, slowly) to digitalisation. Additionally, major efforts are being made to make the public, companies, and organisations more aware of the danger we all live in and what we must do to protect ourselves. One answer is the construction of National Cyber Security Centers (NCSC) in all countries. While this does not solve everything, it is certainly a step in the right direction,” he shares.

Executive Summary

The nation has steadily improved its ability to respond to major disasters and the power outages that
often result. But increasing threats—whether severe natural disasters, cyber-physical attacks,
electromagnetic events, or some combination—present new challenges for protecting the national
power grid and recovering quickly from a catastrophic power outage. The President’s National
Infrastructure Advisory Council (NIAC) was tasked to examine the nation’s ability to respond to and
recover from a catastrophic power outage of a magnitude beyond modern experience, exceeding prior
events in severity, scale, duration, and consequence. Simply put, how can the nation best prepare for
and recover from a catastrophic power outage, regardless of the cause? After interviews with dozens of
senior leaders and experts and an extensive review of studies and statutes, we found that existing
national plans, response resources, and coordination strategies would be outmatched by a catastrophic
power outage. This profound risk requires a new national focus. Significant public and private action is
needed to prepare for and recover from a catastrophic outage that could leave large parts of the nation
without power for weeks or months, and cause service failures in other sectors—including water and
wastewater, communications, transportation, healthcare, and financial services—that are critical to
public health and safety and our national and economic security.

What is a catastrophic power outage?
• An event beyond modern experience that exhausts or exceeds mutual aid capabilities
• Likely to be no-notice or limited-notice and could be complicated by a cyber-physical attack
• Long duration, lasting several weeks to months due to physical infrastructure damage
• Affects a broad geographic area, covering multiple states or regions and affecting tens of millions of people
• Causes severe cascading impacts that force critical sectors—drinking water and wastewater systems, communications, transportation, healthcare, and financial services—to operate in a degraded state

Recommendations

The United States should respond to this problem in two overarching ways: 1) design a national approach to prepare for, respond to, and recover from catastrophic power outages that provides the federal guidance, resources, and incentives needed to take action across all levels of government and industry and down to communities and individuals; and 2) improve our understanding of how cascading failures across critical infrastructure will affect restoration and survival.

There are a number of ongoing initiatives in both the public and private sector that are in line with our recommendations. We urge the continued advancement of these initiatives in conjunction with our recommendations. The NIAC was challenged to examine events that are beyond our nation’s experience, yet would impact nearly every jurisdiction, industry, and citizen. The solutions we identified will require strong public-private collaboration—as the NIAC has recommended previously—to address the scale and significance of catastrophic power outages.

Next Steps

Our recommendations provide a path forward for enhancing the nation’s capabilities. These actions require a whole-of-nation approach and strong public-private collaboration. Given the importance of this issue and the number of ongoing efforts, we request the National Security Council (NSC)—working with the lead agencies identified—provide a status update to the NIAC within nine months of the report’s approval on how our recommendations are being implemented, progress being made on the ongoing initiatives, or any significant barriers to implementation.

For the smooth operation of an airport, it is necessary to be prepared for site-specific risks. Even a minor breach of security can have far-reaching consequences. There are several risks, such as:

• Dangerous operating situations: A fuel leak or leak of hazardous chemicals, accident, technological breakdown, or a fire can occur at any airport and lead to significant damage, especially if the staff do not respond promptly.

A number of commentators have suggested that automated
systems used in the aviation industry may contain weaknesses
that may allow aircraft to be hacked and remotely controlled,
with potentially catastrophic consequences. While there is
little solid evidence surrounding the feasibility of such
hacking, it is undeniable that aviation is now more reliant than
ever on automation and that the cybersecurity underlying this
automation is of vital importance in ensuring there is no risk to
aircraft or, as a consequence, to passengers and other
physical assets.

Airports & Operational Technology: 4 Attack Scenarios

Reference: Memo [190404-2]
Date: 04/04/2019
Version: 1.0
Keywords: Transportation, Aviation, Airports

Key Points
• Security in global aviation is increasingly dependent on vulnerabilities in information technology (IT) and operational technology (OT) systems.
• Airports are using several critical OT systems (e.g. baggage control, runway lights, air conditioning, and power).
• More than a hundred unique exploits have been spotted since the publication of proofs of concept and payload creation tools, after the disclosure.
• Four important risk vectors have been more specifically identified: Baggage Handling, Aircraft Tugs, De-icing Systems, Fuel Pumps.

Summary

A recent article relayed by the US Aviation Information Sharing & Analysis Centre (A-ISAC) focuses on vulnerabilities across airport operational technology (OT) networks. Critical airport systems making use of OT include baggage control, runway lights, air conditioning, and power, and they're managed by means of network-connected digital controllers. According to the article, they are much less organised than conventional IT networks, are rarely monitored as closely, and are often left untouched for years. It's an emerging threat that has sparked the attention of dozens of airport Chief Information Security Officers. The article goes on to identify four important risk vectors.

• Threat 1: Baggage Handling. These systems are extremely attractive targets for an attack because they can be executed remotely; the attacker wouldn't even need to board the plane. All that's required is for a single person to fall for a simple phishing email and an attacker can introduce OT-specific malware into the airport network. This malware will find its way to the baggage handling system to execute the attack.
• Threat 2: Aircraft Tugs. Attackers could potentially hijack a tug's weight sensors and back a large jet into a gate at the velocity used for a small plane, causing it to crash through the wall of the airport.
• Threat 3: De-icing Systems. The liquid chemicals used for de-icing are stored at on-site facilities. These facilities use OT devices to regulate and maintain the composition of de-icing chemicals. If those systems were attacked and the composition of the solution altered, this could easily cause ice to form on the body of a plane. Tampering with the aerodynamics of a plane by hacking into de-icing systems is one way to cause it to crash without loading explosives onto it, which is likely why, as obscure a risk vector as it is, de-icing systems are often one of the first OT systems airports monitor.
• Threat 4: Fuel Pumps. An attacker could, for example, hack into a fuel farm, causing the wrong type or mixture of fuel to be pumped into a plane, resulting in anything from engine problems to an explosion.

Comments

Security in global aviation is increasingly dependent on vulnerabilities in information technology (IT) and operational technology (OT) systems. OT is usually defined as hardware and software dedicated to detecting or causing changes in physical processes through direct monitoring and/or control of physical devices such as valves, pumps, etc. Security reports published in the aviation sector emphasise the increased IT/OT and Internet of Things (IoT) convergence in avionics, navigation, communications and passenger information systems, in-flight and ground services. The hyper-connectivity in aviation and aviation-related systems increases complexity in managing security risks.

As the holiday season approaches, travelers and airport personnel are gearing up for one of the busiest travel periods of the year. With cybersecurity threats becoming more commonplace and disruptive, operational technology (OT) cybersecurity posture needs to be a priority for airports.

OT is the hardware and software used to monitor and control the physical components of an industrial network. It is used in a variety of industries to automate tasks, make data more convenient, and interconnect networks for efficiency and effectiveness. Hackers infiltrate these networks to shut down machines, steal data, make ransomware demands and more.

Over the past several years, airports have become more connected
and efficient by adopting digitalized OT systems. Airports operate
many OT systems that are managed through IT architecture, including
baggage control, power, de-icing systems and fuel pumps.

In 2022 alone, airlines and airports have seen a multitude of cyberattacks. In October, more than a dozen US airports experienced denial of service (DoS) attacks that affected their operations and travelers. Aviation services and logistics company Swissport International suffered a ransomware attack in February that hit its IT infrastructure and operations, causing flight delays. Passenger data from nearly a dozen airlines around the world was also compromised after hackers breached servers belonging to SITA in 2021.

A successful cyberattack on a critical airport system can be extremely damaging. The outcome can range from slowing or stopping operations to widespread panic.

The OT issue

International airports rely on a complex environment of OT, IT and IIoT assets – all of which must be secured. When you think of airport security, you generally picture physical security measures like passenger screening machines. However, securing the systems and networks that underpin operations is just as crucial.

Unfortunately, OT systems are rarely monitored as closely as IT systems, making them more appealing to threat actors. They frequently run on legacy software that exposes them to threats that can jeopardize their high-availability requirements. As a result, airports are vulnerable to OT cybersecurity attack scenarios such as baggage system disruption, access of landing lights, doxing, disabling of electronic signage and more.

Furthermore, both civilians and employees are present at airports, making it a mixed and open environment. The whole network is highly complex and connected, and it’s extremely difficult to gain visibility in this large-scale environment. For example, airport personnel typically have no visibility into how travelers are using different on-site wi-fi networks.

How to protect airport security systems

Comprehensive OT asset visibility is the only way to identify and maintain an inventory of all the airport’s digital assets and their configuration details. This requires a contextualized view of all IT and OT assets together and the airport environment’s digital security posture.

Most of today’s OT cybersecurity solutions show the assets but lack operational context. In other words, they do not provide insight into the likely impact that device failure will have on the business. Contextualization is crucial to making sound decisions regarding potential threats that can have real-world impacts.

Although some airports have begun conducting OT cybersecurity assessments, many are still very immature in their journeys. Few have implemented comprehensive risk assessment, monitoring and management solutions to gain a centralized view of all the risks affecting their various OT, IT and IIoT assets.

It’s also important to note that these are extremely complicated environments, so most airports will have to deploy multiple solutions to provide adequate visibility. It is vital to choose an option that offers scalability and meets the airport’s needs without requiring countless changes to the environment.

The human factor

It’s not enough for airports to purchase and implement solutions; personnel must ensure that all controls are configured properly and enforced. Team members should be aware of the types of threats they may encounter and must be taught basic cyber hygiene. Ensuring that OT systems are secure and protected requires consistent effort from all stakeholders.

The insider threat can be either unintentional or intentional.

• Unintentional Threat
  ◦ Negligence – An insider of this type exposes an organization to a threat through carelessness. Negligent insiders are generally familiar with security and/or IT policies but choose to ignore them, creating risk for the organization. Examples include allowing someone to “piggyback” through a secure entrance point, misplacing or losing a portable storage device containing sensitive information, and ignoring messages to install new updates and security patches.
  ◦ Accidental – An insider of this type mistakenly causes an unintended risk to an organization. Organizations can successfully work to minimize accidents, but they will occur; they cannot be completely prevented, but those that occur can be mitigated. Examples include mistyping an email address and accidentally sending a sensitive business document to a competitor, unknowingly or inadvertently clicking on a hyperlink, opening an attachment that contains a virus within a phishing email, or improperly disposing of sensitive documents.
• Intentional Threats – Intentional threats are actions taken to harm an organization for personal benefit or to act on a personal grievance. The intentional insider is often synonymously referenced as a “malicious insider.” The motivation is personal gain or harming the organization. For example, many insiders are motivated to “get even” due to unmet expectations related to a lack of recognition (e.g., promotion, bonuses, desirable travel) or even termination. Their actions include leaking sensitive information, harassing associates, sabotaging equipment, or perpetrating violence. Others have stolen proprietary data or intellectual property in the false hope of advancing their careers.
• Other Threats
  ◦ Collusive Threats – A subset of malicious insider threats is collusive threats, where one or more insiders collaborate with an external threat actor to compromise an organization. These incidents frequently involve cybercriminals recruiting an insider or several insiders to enable fraud, intellectual property theft, espionage, or a combination of the three.
  ◦ Third-Party Threats – Additionally, third-party threats are typically contractors or vendors who are not formal members of an organization, but who have been granted some level of access to facilities, systems, networks, or people to complete their work. These threats may be direct or indirect threats.
    ▪ Direct threats are individuals who act in a way that compromises the targeted organization.
    ▪ Indirect threats are generally flaws in systems that expose resources to unintentional or malicious threat actors.

Exposure Draft Transport Security Amendment (Critical Infrastructure) Bill 2022

The Department is proposing a number of legislative reforms to the Aviation Transport Security Act 2004 (ATSA) and the Maritime Transport and Offshore Facilities Security Act 2003 (MTOFSA). The proposed reforms will implement an enhanced critical infrastructure security regulatory regime for the aviation and maritime transport sectors. The proposed amendments to the ATSA and MTOFSA are captured in the Transport Security Amendment (Critical Infrastructure) Bill 2022 (TSACI Bill).

The TSACI Bill seeks to transition the regulatory framework for the aviation and maritime transport sectors from a focus on unlawful interference (terrorism) to encompass an enhanced ‘all hazards’ regulatory framework. The enhanced ‘all hazards’ regulatory framework will encompass any threat that could impact on the confidentiality, integrity, availability, or reliability of an industry participant’s operations. This forms part of the Australian Government’s critical infrastructure reforms and will support a general uplift in security and resilience across the Australian economy.

(a) Offenses against the confidentiality, integrity and availability of computer data and systems:

(3) Data Interference. — The intentional or reckless alteration, damaging, deletion or deterioration of computer data, electronic document, or electronic data message, without right, including the introduction or transmission of viruses.

(4) System Interference. — The intentional alteration or reckless hindering or interference with the functioning of a computer or computer network by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data or program, electronic document, or electronic data message, without right or authority, including the introduction or transmission of viruses.

(b) System interference
