The increased scope and complexity of connectivity technology on aircraft and in aviation infrastructure, such as networked air traffic control systems, makes their operators more vulnerable to cyber attacks. This is a challenge that Raytheon has long been confronting in protecting its own technology, and increasingly the U.S.-based group is making itself available to help other companies.
“Increased connectivity creates more interception points malware can come through,” explained Bob Delorge, vice president for transportation and support services with Raytheon’s Intelligence, Information and Services division, pointing out that increased levels of connectivity between program partners, suppliers and service providers only increases vulnerability from cyber attacks aimed at compromising system performance, stealing intellectual property and data or extorting money from companies.
This week at the Paris Airs Show, Raytheon is unveiling its new Cyber Protection System offering scalable cCyber rResponse cCenters for defense, intelligence and commercial customers. The three levels of service—pPrimary, eEnterprise and nNational—cover network data speeds ranging between 20 and 100 gigabytes per second.
The centers provide intrusion detection, network analysis and incident response that Raytheon says proactively protect against cyber threats. They can also be adapted to take account of other issues, such as insider threat detection.
Raytheon has extensive experience of implementing cyber security strategy, mainly through its initiatives in cyber intrusion detection and the need to ‘cyber harden’ military aircraft platforms, such as the Bell Boeing V-22 tiltrotor and the Northrop Grumman Global Hawk UAV. Its support for other companies and organizations generally starts with a comprehensive vulnerability assessment, which defines what may be required for risk mitigation, threat intelligence, hunting and remediation.
“The assessment can help to define system architecture so that, for instance, you may choose not to connect some parts of it or find other ways to make breaks that block interception points,” Delorge told AIN. “Board members need to be having this discussion, and cyber security should be on everyone’s frontal lobe, but many companies are not yet addressing cybersecurity to the extent that we are.”
Major defense procurement programs now have complex cyber security requirements, and the major OEMs are generally quite attuned to the issue. However, in Delorge’s view, there is some complacency about the threat further down the aerospace supply chain.
Over the past 15 years, Raytheon (Static Display B8) has acquired around a dozen specialist companies to boost its cyber security capability. A couple of years ago, it stepped up research and development work on protecting avionics systems. This resulted in applications such as one that can determine in real time whether or not an error message in the cockpit is legitimate or could indicate a cyber attack. This gives pilots the information they need to decide whether or not a mission should be aborted.
The industry now faces cyber security threats posed by perpetrators ranging from individual criminals to hostile nation states. “There are millions of attacks now, and companies need to work on the assumption that one of them will get through and be ready to deal with this,” concluded Delorge.