Safeguarding Skies: Airport Cybersecurity in the Digital Age

Chanond Duangpayap; Nuttaya Rujiratanapat; Sakulchai Saramat; Suphannee Sivakorn; Yotsapat Ruangpaisarn

arxiv: 2604.23545 · v1 · submitted 2026-04-26 · 💻 cs.CR

Safeguarding Skies: Airport Cybersecurity in the Digital Age

Suphannee Sivakorn , Nuttaya Rujiratanapat , Yotsapat Ruangpaisarn , Chanond Duangpayap , Sakulchai Saramat This is my paper

Pith reviewed 2026-05-08 06:05 UTC · model grok-4.3

classification 💻 cs.CR

keywords airport cybersecurityMITRE ATT&CKzero trust architectureaviation threatsransomwaresupply chain riskdenial of servicecybersecurity frameworks

0 comments

The pith

Airports can reduce cyber risks by mapping threats to standard attack categories and adopting zero trust defenses.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper systematically reviews physical and cyber threats facing airports through analysis of real-world incidents and existing literature. It applies the MITRE ATT&CK Matrix for the first time to organize these risks into recognized tactics and techniques. From this mapping the authors derive concrete recommendations for cybersecurity frameworks, zero trust architecture, supply chain protections, and defenses against ransomware and denial-of-service attacks. A reader would care because airports handle millions of passengers and goods daily, so disruptions from successful attacks carry immediate safety and economic costs. The work positions itself as a practical guide that translates scattered threat data into prioritized actions for aviation operators and regulators.

Core claim

By cataloging documented airport incidents and studies against the MITRE ATT&CK Matrix, the paper shows that common attack patterns fall into a limited set of categories that can be addressed through zero trust segmentation, rigorous vendor oversight, and targeted ransomware and denial-of-service controls, thereby giving stakeholders a structured way to prioritize limited security resources.

What carries the argument

The MITRE ATT&CK Matrix, applied here to classify airport-specific threats into standardized tactics, techniques, and procedures so that defenses can be matched to observed attack behaviors.

If this is right

Aviation operators gain a shared vocabulary for discussing threats that aligns with existing industry tools.
Resources can be allocated to the most frequent attack categories identified in the mapping rather than to hypothetical risks.
Zero trust architecture becomes a practical target for reducing lateral movement after an initial compromise.
Supply chain reviews gain priority because many mapped incidents trace to third-party vendors.
Ransomware and denial-of-service preparations can be tested against the specific techniques already observed at airports.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

The same mapping approach could be reused for other critical infrastructure such as seaports or rail networks that share similar vendor ecosystems.
Periodic re-mapping would be required as new attack tools appear, turning the review into a living reference rather than a one-time snapshot.
Physical and cyber security teams could coordinate more effectively if the matrix categories were linked to existing access-control procedures at terminals.

Load-bearing premise

The chosen collection of published incidents and papers already captures the full range of current airport cyber risks without important gaps or misclassifications.

What would settle it

A documented airport breach whose tactics fall outside every MITRE ATT&CK category used in the mapping, or a successful ransomware attack on an airport that had already implemented the recommended zero trust and supply-chain controls.

Figures

Figures reproduced from arXiv: 2604.23545 by Chanond Duangpayap, Nuttaya Rujiratanapat, Sakulchai Saramat, Suphannee Sivakorn, Yotsapat Ruangpaisarn.

**Figure 1.** Figure 1: Basic Network Segmentation for Airport Security. Malicious Hotspots. A malicious hotspot, also known as a "rogue access point" poses a significant threat to public Wi-Fi users. The attacker sets up a wireless access point with an identical SSID to deceive users, making users vulnerable to MITM or other network attacks [86] - [88]. 5.2 Insecure Network Architecture An insecure network architecture may allow… view at source ↗

**Figure 2.** Figure 2: DMZ subnet that separates an enterprise internal network from other untrusted networks e.g., the Internet. 7.4 Malware, Ransomware and Data Breach In addition to previously discussed security measures, airports should implement targeted strategies to detect malware and ransomware. The following mitigation strategies can strengthen an airport's cybersecurity posture: Endpoint Detection and Response (EDR). T… view at source ↗

read the original abstract

The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world incidents and relevant literature while mapping risks to the MITRE ATT&CK Matrix, a widely recognized knowledge base for categorizing cyberattack tactics, techniques, and procedures. This is the first to apply the MITRE Matrix to airport security risks, offering a novel approach to understanding and mitigating these challenges. Building on this analysis, the paper advocates for modern cybersecurity defense models, emphasizing Cybersecurity Frameworks and Zero Trust Architecture, as well as critical measures for supply chain risk management and strategies to mitigate ransomware and DoS attacks. Our analysis provides insights into vulnerabilities and actionable recommendations, serving as a comprehensive guide for aviation stakeholders to strengthen defenses against evolving cybersecurity threats.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

A basic review that maps known airport threats to MITRE ATT&CK and lists standard mitigations, but the 'first application' claim and review method are not supported by any details.

read the letter

This paper collects real-world airport cyber incidents and literature, then maps the risks onto the MITRE ATT&CK matrix while recommending Zero Trust, supply-chain controls, and ransomware defenses. That is the core of what it does. The organization into an existing framework can make scattered threat information easier to scan for people who run airport systems. The concrete examples from past events give it some practical flavor that pure theory papers lack. Beyond that, there is no new technique, dataset, or derivation. The work stays inside synthesis and advocacy for models that are already widely discussed elsewhere. The soft spots stand out quickly. The abstract asserts this is the first MITRE mapping for airports, yet it shows no evidence of a targeted search for earlier aviation or airport applications of the same matrix. If any prior paper did comparable work, even on a narrower slice, the claim fails. The description of the review itself is also thin: no search terms, date ranges, inclusion rules, or steps taken to check mapping accuracy. Without those, it is impossible to judge whether the coverage is complete or whether selection bias crept in. For a review paper the method section is the main thing that carries the weight, and here it is missing. This is aimed at aviation security staff or policymakers who want a single document that ties incidents to tactics and lists familiar defenses. Researchers or people looking for fresh technical results will not find them. The paper deserves peer review only if the full text adds a clear, reproducible review protocol and an explicit check against prior MITRE uses in the aviation domain. Without those additions it is routine enough that most editors would desk-reject it.

Referee Report

2 major / 1 minor

Summary. The manuscript presents a systematic review of cybersecurity threats facing airports, drawing on real-world incidents and literature to map risks onto the MITRE ATT&CK Matrix; it asserts novelty as the first such application, then recommends adoption of cybersecurity frameworks, Zero Trust Architecture, supply-chain risk management, and specific mitigations for ransomware and DoS attacks.

Significance. If the mappings are shown to be comprehensive and the novelty claim is substantiated through documented prior-art searches, the work could supply aviation stakeholders with a standardized, actionable taxonomy for prioritizing defenses in an increasingly digitized environment. The emphasis on established frameworks and timely recommendations for Zero Trust and supply-chain controls adds practical relevance.

major comments (2)

[Abstract] Abstract: the assertion that 'This is the first to apply the MITRE Matrix to airport security risks' is load-bearing for the paper's contribution yet is unsupported by any description of a prior-art search (search terms, databases, date range, or exclusion criteria targeting earlier MITRE applications in aviation). Without this, the novelty claim cannot be evaluated.
[Systematic review description] Systematic review description: the paper states it 'systematically reviews' threats and maps them to MITRE ATT&CK but supplies no search protocol, inclusion/exclusion criteria, number of sources screened, or validation steps for the mappings. This omission directly affects the reliability of the risk analysis that underpins all subsequent recommendations.

minor comments (1)

[Abstract] The abstract would be clearer if it stated the number of incidents and papers reviewed and briefly noted the time period covered.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed feedback on our manuscript. We address each major comment below and will revise the paper to improve the transparency of our methodology and the substantiation of our novelty claim.

read point-by-point responses

Referee: [Abstract] Abstract: the assertion that 'This is the first to apply the MITRE Matrix to airport security risks' is load-bearing for the paper's contribution yet is unsupported by any description of a prior-art search (search terms, databases, date range, or exclusion criteria targeting earlier MITRE applications in aviation). Without this, the novelty claim cannot be evaluated.

Authors: We acknowledge that the novelty claim requires explicit support through a documented prior-art search to allow proper evaluation. The current manuscript does not describe the search process used to establish that this is the first application of the MITRE ATT&CK matrix to airport security risks. In the revised version, we will add a dedicated subsection on prior art that details the search strategy, including databases (e.g., Google Scholar, IEEE Xplore, ACM Digital Library), search terms (such as combinations of 'MITRE ATT&CK', 'airport', 'aviation', and 'cybersecurity'), date range, and exclusion criteria. This will substantiate or appropriately qualify the claim. revision: yes
Referee: [Systematic review description] Systematic review description: the paper states it 'systematically reviews' threats and maps them to MITRE ATT&CK but supplies no search protocol, inclusion/exclusion criteria, number of sources screened, or validation steps for the mappings. This omission directly affects the reliability of the risk analysis that underpins all subsequent recommendations.

Authors: We agree that the absence of a detailed review protocol limits the transparency and perceived reliability of the analysis. Although the manuscript presents the results of our review and the mappings to MITRE ATT&CK, it does not include the underlying search and validation methods. We will revise the paper by adding a 'Review Methodology' section that specifies the search protocol, inclusion/exclusion criteria (e.g., peer-reviewed literature and incident reports from 2015–2024), the number of sources screened and included, and the validation approach for the mappings (such as cross-referencing with primary incident sources). This will strengthen the foundation for the subsequent recommendations. revision: yes

Circularity Check

0 steps flagged

No circularity: literature review with external mapping and novelty claim

full rationale

The paper is a systematic literature review that maps airport cybersecurity incidents to the pre-existing MITRE ATT&CK Matrix and recommends standard frameworks (Zero Trust, supply-chain controls). It contains no equations, derivations, fitted parameters, or self-referential definitions. The statement 'This is the first to apply the MITRE Matrix to airport security risks' is a factual novelty assertion resting on the authors' selection of cited incidents and literature; it does not reduce any derived quantity or result to an input defined by the paper itself. No self-citation chains, uniqueness theorems, or ansatz smuggling appear. The work is therefore self-contained against external benchmarks and receives score 0.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

This is a literature review paper. No new mathematical parameters, axioms, or invented entities are introduced beyond standard cybersecurity concepts already present in the cited literature.

pith-pipeline@v0.9.0 · 5461 in / 1144 out tokens · 68506 ms · 2026-05-08T06:05:13.378355+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

135 extracted references · 3 canonical work pages

[1]

Airport authorities undertake substantial efforts to prevent unlawful interference and ensure their security practices meet current standards

Introduction In the physical domain, airport security entails the screening of passengers, baggage, cargo, and the fortification of secure areas within the airport premises. Airport authorities undertake substantial efforts to prevent unlawful interference and ensure their security practices meet current standards. However, in the realm of technology, cyb...

work page doi:10.14416/j.it/2025.v2.005 2017
[2]

Smart Airport

Background Understanding airport technologies, threat actors, and recent high-profile incidents highlights the need for stronger security measures. This section examines airport technology, cybersecurity concerns, the landscape of cyber threat actors, and notable attack incidents. 2.1 Airport Technology and Security Concerns Airport operations have transf...
[3]

- [16]. 2: Cybercrime: Attackers in this category target systems for valuable and sensitive information from passengers and airport employees [17] - [21], particularly those that are internet-facing or publicly accessible [17]. 3: Peer Group Service Disruption: Hackers motivated by political agendas or beliefs whose focus is on service disruptions rather ...

2022
[4]

Our goal is to identify and delineate the prevailing cybersecurity threats and risks, categorizing them in alignment with the MITRE ATT&CK Matrix

Research Methodology This study synthesizes recent airport cybersecurity incidents, literature, insights from online sources, and an examination of various cybersecurity standards and policies. Our goal is to identify and delineate the prevailing cybersecurity threats and risks, categorizing them in alignment with the MITRE ATT&CK Matrix. By systematicall...
[5]

airport AND cybersecurity

Literature Review We conduct a comprehensive literature review by searching academic databases, including Google Scholar, ResearchGate, Scopus, and Web of Science, using the following keywords: "airport AND cybersecurity", "aviation AND cybersecurity", "airport AND information security", "airport AND IT security", "smart airport", and "airport AND cyber r...
[6]

- [47]. These studies analyze vulnerabilities and mitigations, with examples including man-in-the-middle attacks between aircraft and ground control [42], the lack of encryption in the Automatic Dependent Surveillance-Broadcast (ADS-B) [43], [45], and the security concerns related to digitization of the Traffic Collision Avoidance System (TCAS) [44]. Thes...

2025
[7]

- [64]. Numerous works study airport cybersecurity incidents [55] - [60], including threat actor typologies [58], [61] and associated risks and threats in relation to ICAO (International Civil Aviation Organization) standards [55], which encompass the entire spectrum of airport security risks. Standards and Regulations. Publications in this category revie...
[8]

juice jacking

Airport Security Risks This section provides detailed exploration of cybersecurity risks associated with attack vectors (Section 2.3) and those identified in our literature review (Section 4). 5.1 Public-facing Accesses BYOD. The practice of Bring-Your-Own-Device (BYOD) commonly raises concern due to the exposure of organizations to vulnerabilities [71], ...

2025
[9]

This widely adopted cybersecurity knowledge base outlines the tactics, techniques and procedures (TTPs) utilized globally for threat analysis and security defenses

Airport Security Risks and MITRE ATT&CK Matrix This section provides a comprehensive analysis of the security risks faced by airports, categorizing these risks in alignment with the MITRE ATT&CK Matrix for Enterprise (or MITRE Matrix) [98]. This widely adopted cybersecurity knowledge base outlines the tactics, techniques and procedures (TTPs) utilized glo...

2024
[10]

Public-facing Accesses • • •
[11]

Insecure Network Architecture • • •
[12]

Internet-facing Applications and Services • •
[13]

Social Engineering Attacks • • • • •
[14]

Malware and Ransomware • • • • • • • • • •
[15]

Data Breach • • • • • • • • • •
[16]

Supply Chain and Third Party • • • •
[17]

Insider Threats • • •
[18]

DoS • The ́sign ́● ́indicates ́that ́the ́airport ́security ́risk ́shown ́can ́be ́categorized ́according ́to ́the ́specific ́MITRE ́Matrix ́technique. Associated MITRE Initial Access Tactic (TA0001) ID Technique T1659 T1189 T1190 T1133 T1200 T1566 T1091 T1195 T1199 T1078 Content Injection Drive-by Compromise Exploit Public-Facing Application External Rem...

2025
[19]

Demilitarized Zone

Modern Defenses for Airport Security In this section, we outline modern security defense strategies and best practices specifically designed for airport. The key focus areas include the adoption of Cybersecurity Frameworks and the implementation of Zero Trust Architecture, along with additional defenses addressing the identified risks in previous sections...

2025
[20]

Cyber threats are continuously evolving and becoming more sophisticated, and diversified

Challenges and Future Research Directions While a range of defenses have been detailed, significant challenges remain that must be addressed in order to further enhance airport cybersecurity Evolving Threat Landscape. Cyber threats are continuously evolving and becoming more sophisticated, and diversified. This necessitates ongoing research and airport ad...
[21]

Conclusion This paper explores the critical area of airport cybersecurity, highlighting the seriousness of emerging threats in this domain. Through insights gained from recent real-world incidents and a systematic literature review, we conducted a comprehensive analysis and categorized major cybersecurity risks confronting airports, aligned with the MITRE...
[22]

Smart Airport Cybersecurity: Threat Mitigation and Cyber Resilience Controls

G. Lykou, A. Anagnostopoulou, and D. Gritzalis. "Smart Airport Cybersecurity: Threat Mitigation and Cyber Resilience Controls." Sensors, V ol. 19, No. 1, 2019

2019
[23]

Available Online at https:// www.eurocontrol.int/publication/eurocontrol- think-paper-12-aviation-under-attack-wave-cyber crime, accessed on 1 February 2024

EUROCONTROL, Aviation under Attack from a Wave of Cybercrime. Available Online at https:// www.eurocontrol.int/publication/eurocontrol- think-paper-12-aviation-under-attack-wave-cyber crime, accessed on 1 February 2024

2024
[24]

Business Insurance, US to add cybersecurityrequirements for critical aviation systems. Available Online at https://www.businessinsurance.com/article/20221012/ NEWS06/912353045/US-to-add-cybersecurity-re quirements-for-critical-aviation-systems, accessed on 1 February 2024. Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 58 59ว...

work page arXiv 2024
[25]

IATA, Compilation of Cyber Security Regulations, Standards, and Guidance Applicable to Civil Aviation Edition 3.0. Available Online at https://www.iata.org/ contentassets/4c51b00fb25e4b60b 38376a935e278b/compilation-of-cyber-regulations- standards-and-guidance3.0.pdf, accessed on 1 February 2024

2024
[26]

A Holistic Review of Cybersecurity and Reliability Perspectives in Smart Airports

N. Koroniotis, N. Moustafa, F. Schiliro, P. Gauravaram, and H. Janicke. "A Holistic Review of Cybersecurity and Reliability Perspectives in Smart Airports." IEEE Access, V ol. 8, pp. 209802-209834, 2020

2020
[27]

Fattah, H

A. Fattah, H. Lock, W. Buller, and S. Kirby. Smart Airports: Transforming Passenger Experience to Thrive in the New Economy. Available Online at https://www.cisco.com/c/dam/en_us/about/ac79/ docs/pov/Passenger_Exp_POV_0720aFINAL.pdf, accessed on 1 February 2024

2024
[28]

Available Online at https:// shorturl.at/1lsGo, accessed on 1 February 2024

TSA, 20 years after 9/11: The state of the transportation security administration. Available Online at https:// shorturl.at/1lsGo, accessed on 1 February 2024

2024
[29]

Implementing Cyber Security Measures in Airports to Improve Cyber Resilience

G. Lykou, A. Anagnostopoulou, and D. Gritzalis. "Implementing Cyber Security Measures in Airports to Improve Cyber Resilience." Proceedings of the 2018 Global Internet of Things Summit, pp. 1-6, 2018

2018
[30]

Adoption of Industry 4.0 Technologies in Airports - A Systematic Literature Review

J. H. Tan and T. Masood. "Adoption of Industry 4.0 Technologies in Airports - A Systematic Literature Review." ArXiv, pp. 1-25, 2021

2021
[31]

Understanding the Adoption of Industry 4.0 Technologies in Improving Environmental Sustainability

M. Javaid, A. Haleem, R. P. Singh, R. Suman, and E. S. Gonzalez. "Understanding the Adoption of Industry 4.0 Technologies in Improving Environmental Sustainability." Sustainable Operations and Computers, V ol. 3, pp. 203 - 217, 2022

2022
[32]

Cyber Security for Airports

K. Gopalakrishnan, M. Govindarasu, D. Jacobson, and B. M. Phares. "Cyber Security for Airports." International Journal for Traffic and Transport Engineering (IJTTE), V ol. 3, No. 4, pp. 365-376, 2013

2013
[33]

Available Online at https://www.bloomberg.com/news/articles/2021-06-04/ hackers-breached-colonial-pipeline-using-com promised-password, accessed on 1 February 2024

Bloomberg, Colonial Pipeline Cyber Attack: Hackers Used Compromised Password. Available Online at https://www.bloomberg.com/news/articles/2021-06-04/ hackers-breached-colonial-pipeline-using-com promised-password, accessed on 1 February 2024

2021
[34]

Available Online at https://www.cnn.com/2022/05/26/ politics/new-jersey-somerset-county-ransomware- attack, accessed on 1August 2023

CNN, Ransomware attack hits New Jersey county. Available Online at https://www.cnn.com/2022/05/26/ politics/new-jersey-somerset-county-ransomware- attack, accessed on 1August 2023

2022
[35]

Available Online at https:// threatpost.com/ransomware-attack-new-jersey, accessed on 1 February 2024

Threatpost, N.J.'s Largest Hospital System Pays Up in Ransomware Attack. Available Online at https:// threatpost.com/ransomware-attack-new-jersey, accessed on 1 February 2024

2024
[36]

Available Online at https://www.mandiant

Mandiant, Advanced Persistent Threats (APTs) -- Threat Actors & Groups. Available Online at https://www.mandiant. com/resources/insights/apt- groupsm, accessed on 1 June 2023

2023
[37]

Available Online at https://www.zdnet

ZDNET, Russian state hackers behind San Francisco Airport Hack. Available Online at https://www.zdnet. com/article/russian-state-hackers-behind-san-fran cisco-airport-hack/, accessed on 1 February 2024

2024
[39]

Available Online at https://www.hstoday.us/subject-matter-areas/ transportation/long-beach-airports-website-taken- down-by-cyber-attack/, accessed on 1 June 2023

Homeland Security Today, Long Beach Airport’ s Website Taken Down By Cyber Attack. Available Online at https://www.hstoday.us/subject-matter-areas/ transportation/long-beach-airports-website-taken- down-by-cyber-attack/, accessed on 1 June 2023

2023
[40]

Available Online at https://therecord.media/queretaro-international-airport- mexico-cyberattack, accessed on 1 February 2024

The Record, Major Mexican airport confirms experts are working to address cyberattack. Available Online at https://therecord.media/queretaro-international-airport- mexico-cyberattack, accessed on 1 February 2024

2024
[41]

Available Online at https://ntvkenya

NTV , KAA confirms data breach, says no sensitive data leaked. Available Online at https://ntvkenya. co.ke/news/kaa-confirms-data-breach-says-no- sensitive-data-leaked/, accessed on 1 May 2023

2023
[42]

ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 วารสารเทคโนโลยีีสารสนเทศ มจพ.ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 Vol

Airport Technology, Ransomware attack on Swissport Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 60 61วารสารเทคโนโลยีีสารสนเทศ มจพ. ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 วารสารเทคโนโลยีีสารสนเทศ มจพ.ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 Vol. 21, No. 2, July - December 2025 Information Technology Journal KMU...

2025
[43]

Available Online at https:// securityaffairs.com/157079/hacking/cyber-attack- hit-beirut-international-airport.html, accessed on 1 February 2024

Security Affairs, A Cyber Attack Hit The Beirut International Airport. Available Online at https:// securityaffairs.com/157079/hacking/cyber-attack- hit-beirut-international-airport.html, accessed on 1 February 2024

2024
[44]

Available Online at https://thecyberexpress

The Cyber Express, DDoS Cyberattack Hits Cairo International Airport: Anonymous Collective Claims Responsibility. Available Online at https://thecyberexpress. com/cairo-international-airport-cyberattack, accessed on 1 February 2024

2024
[45]

Available Online at https://brnodaily.com/2023/10/24/news/czech- police-interior-ministry-airport-websites-come-under- cyber-attack/, accessed on 1 February 2024

Czech Police, Interior Ministry, Airport Websites Come Under Cyber Attack. Available Online at https://brnodaily.com/2023/10/24/news/czech- police-interior-ministry-airport-websites-come-under- cyber-attack/, accessed on 1 February 2024

2023
[46]

Available Online at https:// therecord.media/canada-border-checkpoint-outages- ddos-attack-russia, accessed on 1 May 2023

The Record, Canada blames border checkpoint outages on cyberattack. Available Online at https:// therecord.media/canada-border-checkpoint-outages- ddos-attack-russia, accessed on 1 May 2023

2023
[47]

Available Online at https://techmonitor.ai/technology/ cybersecurity/opfrance-cyberattack-charles-de-gaulle- airport, accessed on 1 June 2023

Tech Monitor, Charles de Gaulle Airport website offline after suspected '#OpFrance' DDoS cyberattack. Available Online at https://techmonitor.ai/technology/ cybersecurity/opfrance-cyberattack-charles-de-gaulle- airport, accessed on 1 June 2023

2023
[48]

Available Online at https:// www.mirror.co.uk/travel/news/uk-airports-targeted- coordinated-russia-30504938, accessed on 1 February 2024

Mirror, UK airports targeted by coordinated Russia cyberattack groups. Available Online at https:// www.mirror.co.uk/travel/news/uk-airports-targeted- coordinated-russia-30504938, accessed on 1 February 2024

2024
[49]

Available Online at https://shorturl.at/7ACXL, accessed on 1 February 2024

Information Week, The DDoS Attack on German Airport Websites and What IT Leaders Can Learn. Available Online at https://shorturl.at/7ACXL, accessed on 1 February 2024

2024
[50]

Available Online at https://apnews.com/article/technology-business- atlanta-680cf93f7eb0300127448c35299ad66e, accessed on 1 February 2024

The Associated Press, Denial-of-service attacks knock US airport websites offline. Available Online at https://apnews.com/article/technology-business- atlanta-680cf93f7eb0300127448c35299ad66e, accessed on 1 February 2024

2024
[51]

Available Online at https://shorturl.at/Kvn9C, accessed on 1 February 2024

Euractiv, Italy target of major Russia-linked cyberattack, again. Available Online at https://shorturl.at/Kvn9C, accessed on 1 February 2024

2024
[52]

Available Online at https://cybermaterial.com/ cyberattack-hit-copenhagen-airport/, accessed on 1 February 2024

CyberMaterial, Cyberattack Hit Copenhagen Airport. Available Online at https://cybermaterial.com/ cyberattack-hit-copenhagen-airport/, accessed on 1 February 2024

2024
[53]

Available Online at https://www.wsj.com/articles/why-hackers-use- bitcoin-and-why-it-is-so-difficult-to-trace- 11594931595, accessed on 1 February 2024

The Wall Street Journal, Why Hackers Use Bitcoin and Why It Is So Difficult to Trace. Available Online at https://www.wsj.com/articles/why-hackers-use- bitcoin-and-why-it-is-so-difficult-to-trace- 11594931595, accessed on 1 February 2024

2024
[54]

Available Online at https://www

SecurityWeek, Data Stolen in Ransomware Attack That Hit Seattle Airport. Available Online at https://www. securityweek.com/data-stolen-in-ransomware-attack- that-hit-seattle-airport, accessed on 1 February 2024

2024
[55]

Available Online at https://ransomwareattacks

Halcyon Tech, Monti Ransomware Attack on Ae ́roport de Pau. Available Online at https://ransomwareattacks. halcyon.ai/attacks/monti-ransomware-attack-on- aeroport-de-pau, accessed on 1 February 2024

2024
[56]

Available Online at https://www.barrons.com/ news/cyberattack-hits-croatia-s-split-airport- dac3d776, accessed on 1 February 2024

BARRON'S, Cyberattack Hits Croatia’ s Split Airport. Available Online at https://www.barrons.com/ news/cyberattack-hits-croatia-s-split-airport- dac3d776, accessed on 1 February 2024

2024
[57]

Airport Breach

HACKREAD, Hackers Leak 2.5M Private Plane Owners' Data Linked to LA Intl. Airport Breach. Available Online at https://hackread.com/hackers-leak- private-plane-owners-data-la-airport-breach/, accessed on 1 August 2024

2024
[58]

Available Online at https://apnews

AP, Hacked Brazil Airport Screens Show Porn to Travelers. Available Online at https://apnews. com/article/entertainment-caribbean-brazil- c0842e915c403c41830 6433cdfc406a6, accessed on 1 February 2024. Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 60 61วารสารเทคโนโลยีีสารสนเทศ มจพ. ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2...

2024
[59]

Available Online at https://shorturl.at/vJRE7, accessed on 1 February 2024

KTSM.com, FBI warns cyber criminals are spoofing airport websites and Wi-Fi. Available Online at https://shorturl.at/vJRE7, accessed on 1 February 2024

2024
[60]

Available Online at https://www.nytimes.com/ 2024/09/13/travel/crowdstrike-outage-delta-airlines

The New York Times, Stranded in the CrowdStrike Meltdown: 'No Hotel, No Food, No Assistance'. Available Online at https://www.nytimes.com/ 2024/09/13/travel/crowdstrike-outage-delta-airlines. html, accessed on 1 February 2024

2024
[61]

BCC, Scam warning as fake emails and websites target users after outage. BBC. Available Online at https://www.bbc.com/news/articles/cq5xy12pynyo, accessed on 1 February 2024

2024
[62]

Cyber Security Challenges in Aviation Communication, Navigation, and Surveillance

G. Dave, G. Choudhary, V . Sihag, I. You, and K.-K. R. Choo. "Cyber Security Challenges in Aviation Communication, Navigation, and Surveillance." Computers & Security, V ol. 112, 2022

2022
[63]

Analysis of Cyber Vulnerabilities in Civil Aviation and Recommendations for Their Mitigation

E. Andreev and D. Dimitrov. "Analysis of Cyber Vulnerabilities in Civil Aviation and Recommendations for Their Mitigation." Aeronautical Research and Development, V ol. 1, pp. 90-99, 2022

2022
[64]

Studying Cybersecurity in Civil Aviation, including Developing and Applying Aviation Cybersecurity Risk Assessment

A. Elmarady and K. Rahouma. "Studying Cybersecurity in Civil Aviation, including Developing and Applying Aviation Cybersecurity Risk Assessment." IEEE Access, V ol. 4, 2016

2016
[65]

Cybersecurity in Aviation: The STPASEC Method Applied to the TCAS Security

M. L. Salgado and M. S. de Sousa. "Cybersecurity in Aviation: The STPASEC Method Applied to the TCAS Security." 2021 10 th Latin-American Symposium on Dependable Computing (LADC), Florianópolis, Brazil, pp. 1-10, 2021

2021
[66]

Cybersecurity Attacks on Software Logic and Error Handling within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures

S. Khandker, H. Turtiainen, A. Costin, and T. Hämäläinen. "Cybersecurity Attacks on Software Logic and Error Handling within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures." IEEE Transactions on Aerospace and Electronic Systems, V ol. 58, No. 4, pp. 2702-2719, 2022

2022
[67]

Resilient Cyber- security Approach for Aviation Cyber-physical Systems Protection against Sensor Spoofing Attacks

A. A. Alsulami and S. Zein-Sabatto. "Resilient Cyber- security Approach for Aviation Cyber-physical Systems Protection against Sensor Spoofing Attacks." 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC), NV , USA, pp. 565-571, 2021

2021
[68]

Specific Air Traffic Management Cybersecurity Challenges: Architecture and Supply Chain

J. Haan. "Specific Air Traffic Management Cybersecurity Challenges: Architecture and Supply Chain." ICSEW'20: Proceedings of the IEEE/ACM 42 nd International Conference on Software Engineering Workshops, New York, NY , USA, pp. 245-249, 2020

2020
[69]

Securing IoT Surveillance Airport Infrastructure

C. Aranzazu-Suescun, L. F. Zapata-Rivera, O. G.-M. Saenz, and J. M. Christensen. "Securing IoT Surveillance Airport Infrastructure." Proceedings of the 2024 International Conference on Smart Applications, Communications and Networking, Harrisonburg, V A, USA, pp. 1-7, 2024

2024
[70]

Airport Security: The Impact of AI on Safety, Efficiency, and the Passenger Experience

E. Pik. "Airport Security: The Impact of AI on Safety, Efficiency, and the Passenger Experience." Journal of Transportation Security, V ol. 17, No. 1, December, 2024

2024
[71]

A Holistic Approach to Ensuring Safety and Cybersecurity in the Use of Intelligent Technologies in Air Transport

D. Shevchuk and I. Steniakin. "A Holistic Approach to Ensuring Safety and Cybersecurity in the Use of Intelligent Technologies in Air Transport." Electronics and Control Systems, V ol. 1, No. 75, pp. 97-101, 2023

2023
[72]

Available Online at https://www.wsj.com/articles/pager-attacks-in-lebanon- weaponize-supply-chains-60722390, accessed on 1 February 2024

The Wall Street Journal, Pager Attacks in Lebanon 'Weaponize' Supply Chains. Available Online at https://www.wsj.com/articles/pager-attacks-in-lebanon- weaponize-supply-chains-60722390, accessed on 1 February 2024

2024
[73]

The Importance of Cybersecurity Awareness Training in the Aviation Industry for Early Detection of Cyberthreats and Vulnerabilities

R. Sabillon and J.R.B. Higuera. "The Importance of Cybersecurity Awareness Training in the Aviation Industry for Early Detection of Cyberthreats and Vulnerabilities." International Conference on Human- Computer Interaction, pp. 461-479, 2023

2023
[74]

Capability Maturity Models for Targeted Cyber Security Training

S. Chockalingam, E. Nystad, and C. Esnoul. "Capability Maturity Models for Targeted Cyber Security Training." Proceedings of the International Conference on Human-Computer Interaction, pp. 576-590, 2023. Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 62 63วารสารเทคโนโลยีีสารสนเทศ มจพ. ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม...

2023
[75]

Available Online at https://thehackernews.com/2021/02/ why-human-error-is-1-cyber-security.html, accessed on 1 February 2024

The Hacker News, Why Human Error is #1 Cyber Security Threat to Businesses in 2021. Available Online at https://thehackernews.com/2021/02/ why-human-error-is-1-cyber-security.html, accessed on 1 February 2024

2021
[76]

Protecting Aviation Safety Against Cybersecurity Threats

P. Stastny and A. M. Stoica. "Protecting Aviation Safety Against Cybersecurity Threats." IOP Conference Series: Materials Science and Engineering, V ol. 1226, No. 1, pp. 12-25, 2022

2022
[77]

Modeling and Conducting Security Risk Assessment of Smart Airport Infrastructures with SECRAM

H. Saada, R. Orizio, and S. Sebastio. "Modeling and Conducting Security Risk Assessment of Smart Airport Infrastructures with SECRAM." Proceedings of the 7 th International Conference on Networking, Intelligent Systems and Security, No. 59, pp. 1-7, 2024

2024
[78]

Flight Delays and Cancellations Due to Airport Technology Network Disruptions Worldwide

T. Jeeradist. "Flight Delays and Cancellations Due to Airport Technology Network Disruptions Worldwide." KBU Journal of Aviation Management: KBUJAM, V ol. 2, No. 1, pp. 51-60, 2024

2024
[79]

The Types of Hackers and Cyberattacks in the Aviation Industry

L. Florido-Benítez. "The Types of Hackers and Cyberattacks in the Aviation Industry." Journal of Transportation Security, V ol. 17, No. 13, 2024

2024
[80]

Using Digital Twins to Integrate Cyber Security with Physical Security at Smart Airports

H. Su and W. Pan. "Using Digital Twins to Integrate Cyber Security with Physical Security at Smart Airports." Interdisciplinary Journal of Engineering and Environmental Sciences, V ol. 10, No. 1, pp. 38-45, January-March, 2023

2023
[81]

Cybersecurity Maturity Framework for International Airports in Malaysia: A Systematic Literature Review (SLR)

S. Samuri, M.F.A. Khir, Z.M. Amin, and M. F. N. Mohammad. "Cybersecurity Maturity Framework for International Airports in Malaysia: A Systematic Literature Review (SLR)." Journal of Information and Knowledge Management (JIKM), V ol. 2, pp. 156-167, 2023

2023

Showing first 80 references.

[1] [1]

Airport authorities undertake substantial efforts to prevent unlawful interference and ensure their security practices meet current standards

Introduction In the physical domain, airport security entails the screening of passengers, baggage, cargo, and the fortification of secure areas within the airport premises. Airport authorities undertake substantial efforts to prevent unlawful interference and ensure their security practices meet current standards. However, in the realm of technology, cyb...

work page doi:10.14416/j.it/2025.v2.005 2017

[2] [2]

Smart Airport

Background Understanding airport technologies, threat actors, and recent high-profile incidents highlights the need for stronger security measures. This section examines airport technology, cybersecurity concerns, the landscape of cyber threat actors, and notable attack incidents. 2.1 Airport Technology and Security Concerns Airport operations have transf...

[3] [3]

- [16]. 2: Cybercrime: Attackers in this category target systems for valuable and sensitive information from passengers and airport employees [17] - [21], particularly those that are internet-facing or publicly accessible [17]. 3: Peer Group Service Disruption: Hackers motivated by political agendas or beliefs whose focus is on service disruptions rather ...

2022

[4] [4]

Our goal is to identify and delineate the prevailing cybersecurity threats and risks, categorizing them in alignment with the MITRE ATT&CK Matrix

Research Methodology This study synthesizes recent airport cybersecurity incidents, literature, insights from online sources, and an examination of various cybersecurity standards and policies. Our goal is to identify and delineate the prevailing cybersecurity threats and risks, categorizing them in alignment with the MITRE ATT&CK Matrix. By systematicall...

[5] [5]

airport AND cybersecurity

Literature Review We conduct a comprehensive literature review by searching academic databases, including Google Scholar, ResearchGate, Scopus, and Web of Science, using the following keywords: "airport AND cybersecurity", "aviation AND cybersecurity", "airport AND information security", "airport AND IT security", "smart airport", and "airport AND cyber r...

[6] [6]

- [47]. These studies analyze vulnerabilities and mitigations, with examples including man-in-the-middle attacks between aircraft and ground control [42], the lack of encryption in the Automatic Dependent Surveillance-Broadcast (ADS-B) [43], [45], and the security concerns related to digitization of the Traffic Collision Avoidance System (TCAS) [44]. Thes...

2025

[7] [7]

- [64]. Numerous works study airport cybersecurity incidents [55] - [60], including threat actor typologies [58], [61] and associated risks and threats in relation to ICAO (International Civil Aviation Organization) standards [55], which encompass the entire spectrum of airport security risks. Standards and Regulations. Publications in this category revie...

[8] [8]

juice jacking

Airport Security Risks This section provides detailed exploration of cybersecurity risks associated with attack vectors (Section 2.3) and those identified in our literature review (Section 4). 5.1 Public-facing Accesses BYOD. The practice of Bring-Your-Own-Device (BYOD) commonly raises concern due to the exposure of organizations to vulnerabilities [71], ...

2025

[9] [9]

This widely adopted cybersecurity knowledge base outlines the tactics, techniques and procedures (TTPs) utilized globally for threat analysis and security defenses

Airport Security Risks and MITRE ATT&CK Matrix This section provides a comprehensive analysis of the security risks faced by airports, categorizing these risks in alignment with the MITRE ATT&CK Matrix for Enterprise (or MITRE Matrix) [98]. This widely adopted cybersecurity knowledge base outlines the tactics, techniques and procedures (TTPs) utilized glo...

2024

[10] [10]

Public-facing Accesses • • •

[11] [11]

Insecure Network Architecture • • •

[12] [12]

Internet-facing Applications and Services • •

[13] [13]

Social Engineering Attacks • • • • •

[14] [14]

Malware and Ransomware • • • • • • • • • •

[15] [15]

Data Breach • • • • • • • • • •

[16] [16]

Supply Chain and Third Party • • • •

[17] [17]

Insider Threats • • •

[18] [18]

DoS • The ́sign ́● ́indicates ́that ́the ́airport ́security ́risk ́shown ́can ́be ́categorized ́according ́to ́the ́specific ́MITRE ́Matrix ́technique. Associated MITRE Initial Access Tactic (TA0001) ID Technique T1659 T1189 T1190 T1133 T1200 T1566 T1091 T1195 T1199 T1078 Content Injection Drive-by Compromise Exploit Public-Facing Application External Rem...

2025

[19] [19]

Demilitarized Zone

Modern Defenses for Airport Security In this section, we outline modern security defense strategies and best practices specifically designed for airport. The key focus areas include the adoption of Cybersecurity Frameworks and the implementation of Zero Trust Architecture, along with additional defenses addressing the identified risks in previous sections...

2025

[20] [20]

Cyber threats are continuously evolving and becoming more sophisticated, and diversified

Challenges and Future Research Directions While a range of defenses have been detailed, significant challenges remain that must be addressed in order to further enhance airport cybersecurity Evolving Threat Landscape. Cyber threats are continuously evolving and becoming more sophisticated, and diversified. This necessitates ongoing research and airport ad...

[21] [21]

Conclusion This paper explores the critical area of airport cybersecurity, highlighting the seriousness of emerging threats in this domain. Through insights gained from recent real-world incidents and a systematic literature review, we conducted a comprehensive analysis and categorized major cybersecurity risks confronting airports, aligned with the MITRE...

[22] [22]

Smart Airport Cybersecurity: Threat Mitigation and Cyber Resilience Controls

G. Lykou, A. Anagnostopoulou, and D. Gritzalis. "Smart Airport Cybersecurity: Threat Mitigation and Cyber Resilience Controls." Sensors, V ol. 19, No. 1, 2019

2019

[23] [23]

Available Online at https:// www.eurocontrol.int/publication/eurocontrol- think-paper-12-aviation-under-attack-wave-cyber crime, accessed on 1 February 2024

EUROCONTROL, Aviation under Attack from a Wave of Cybercrime. Available Online at https:// www.eurocontrol.int/publication/eurocontrol- think-paper-12-aviation-under-attack-wave-cyber crime, accessed on 1 February 2024

2024

[24] [24]

Business Insurance, US to add cybersecurityrequirements for critical aviation systems. Available Online at https://www.businessinsurance.com/article/20221012/ NEWS06/912353045/US-to-add-cybersecurity-re quirements-for-critical-aviation-systems, accessed on 1 February 2024. Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 58 59ว...

work page arXiv 2024

[25] [25]

IATA, Compilation of Cyber Security Regulations, Standards, and Guidance Applicable to Civil Aviation Edition 3.0. Available Online at https://www.iata.org/ contentassets/4c51b00fb25e4b60b 38376a935e278b/compilation-of-cyber-regulations- standards-and-guidance3.0.pdf, accessed on 1 February 2024

2024

[26] [26]

A Holistic Review of Cybersecurity and Reliability Perspectives in Smart Airports

N. Koroniotis, N. Moustafa, F. Schiliro, P. Gauravaram, and H. Janicke. "A Holistic Review of Cybersecurity and Reliability Perspectives in Smart Airports." IEEE Access, V ol. 8, pp. 209802-209834, 2020

2020

[27] [27]

Fattah, H

A. Fattah, H. Lock, W. Buller, and S. Kirby. Smart Airports: Transforming Passenger Experience to Thrive in the New Economy. Available Online at https://www.cisco.com/c/dam/en_us/about/ac79/ docs/pov/Passenger_Exp_POV_0720aFINAL.pdf, accessed on 1 February 2024

2024

[28] [28]

Available Online at https:// shorturl.at/1lsGo, accessed on 1 February 2024

TSA, 20 years after 9/11: The state of the transportation security administration. Available Online at https:// shorturl.at/1lsGo, accessed on 1 February 2024

2024

[29] [29]

Implementing Cyber Security Measures in Airports to Improve Cyber Resilience

G. Lykou, A. Anagnostopoulou, and D. Gritzalis. "Implementing Cyber Security Measures in Airports to Improve Cyber Resilience." Proceedings of the 2018 Global Internet of Things Summit, pp. 1-6, 2018

2018

[30] [30]

Adoption of Industry 4.0 Technologies in Airports - A Systematic Literature Review

J. H. Tan and T. Masood. "Adoption of Industry 4.0 Technologies in Airports - A Systematic Literature Review." ArXiv, pp. 1-25, 2021

2021

[31] [31]

Understanding the Adoption of Industry 4.0 Technologies in Improving Environmental Sustainability

M. Javaid, A. Haleem, R. P. Singh, R. Suman, and E. S. Gonzalez. "Understanding the Adoption of Industry 4.0 Technologies in Improving Environmental Sustainability." Sustainable Operations and Computers, V ol. 3, pp. 203 - 217, 2022

2022

[32] [32]

Cyber Security for Airports

K. Gopalakrishnan, M. Govindarasu, D. Jacobson, and B. M. Phares. "Cyber Security for Airports." International Journal for Traffic and Transport Engineering (IJTTE), V ol. 3, No. 4, pp. 365-376, 2013

2013

[33] [33]

Available Online at https://www.bloomberg.com/news/articles/2021-06-04/ hackers-breached-colonial-pipeline-using-com promised-password, accessed on 1 February 2024

Bloomberg, Colonial Pipeline Cyber Attack: Hackers Used Compromised Password. Available Online at https://www.bloomberg.com/news/articles/2021-06-04/ hackers-breached-colonial-pipeline-using-com promised-password, accessed on 1 February 2024

2021

[34] [34]

Available Online at https://www.cnn.com/2022/05/26/ politics/new-jersey-somerset-county-ransomware- attack, accessed on 1August 2023

CNN, Ransomware attack hits New Jersey county. Available Online at https://www.cnn.com/2022/05/26/ politics/new-jersey-somerset-county-ransomware- attack, accessed on 1August 2023

2022

[35] [35]

Available Online at https:// threatpost.com/ransomware-attack-new-jersey, accessed on 1 February 2024

Threatpost, N.J.'s Largest Hospital System Pays Up in Ransomware Attack. Available Online at https:// threatpost.com/ransomware-attack-new-jersey, accessed on 1 February 2024

2024

[36] [36]

Available Online at https://www.mandiant

Mandiant, Advanced Persistent Threats (APTs) -- Threat Actors & Groups. Available Online at https://www.mandiant. com/resources/insights/apt- groupsm, accessed on 1 June 2023

2023

[37] [37]

Available Online at https://www.zdnet

ZDNET, Russian state hackers behind San Francisco Airport Hack. Available Online at https://www.zdnet. com/article/russian-state-hackers-behind-san-fran cisco-airport-hack/, accessed on 1 February 2024

2024

[38] [39]

Available Online at https://www.hstoday.us/subject-matter-areas/ transportation/long-beach-airports-website-taken- down-by-cyber-attack/, accessed on 1 June 2023

Homeland Security Today, Long Beach Airport’ s Website Taken Down By Cyber Attack. Available Online at https://www.hstoday.us/subject-matter-areas/ transportation/long-beach-airports-website-taken- down-by-cyber-attack/, accessed on 1 June 2023

2023

[39] [40]

Available Online at https://therecord.media/queretaro-international-airport- mexico-cyberattack, accessed on 1 February 2024

The Record, Major Mexican airport confirms experts are working to address cyberattack. Available Online at https://therecord.media/queretaro-international-airport- mexico-cyberattack, accessed on 1 February 2024

2024

[40] [41]

Available Online at https://ntvkenya

NTV , KAA confirms data breach, says no sensitive data leaked. Available Online at https://ntvkenya. co.ke/news/kaa-confirms-data-breach-says-no- sensitive-data-leaked/, accessed on 1 May 2023

2023

[41] [42]

ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 วารสารเทคโนโลยีีสารสนเทศ มจพ.ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 Vol

Airport Technology, Ransomware attack on Swissport Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 60 61วารสารเทคโนโลยีีสารสนเทศ มจพ. ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 วารสารเทคโนโลยีีสารสนเทศ มจพ.ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2568 Vol. 21, No. 2, July - December 2025 Information Technology Journal KMU...

2025

[42] [43]

Available Online at https:// securityaffairs.com/157079/hacking/cyber-attack- hit-beirut-international-airport.html, accessed on 1 February 2024

Security Affairs, A Cyber Attack Hit The Beirut International Airport. Available Online at https:// securityaffairs.com/157079/hacking/cyber-attack- hit-beirut-international-airport.html, accessed on 1 February 2024

2024

[43] [44]

Available Online at https://thecyberexpress

The Cyber Express, DDoS Cyberattack Hits Cairo International Airport: Anonymous Collective Claims Responsibility. Available Online at https://thecyberexpress. com/cairo-international-airport-cyberattack, accessed on 1 February 2024

2024

[44] [45]

Available Online at https://brnodaily.com/2023/10/24/news/czech- police-interior-ministry-airport-websites-come-under- cyber-attack/, accessed on 1 February 2024

Czech Police, Interior Ministry, Airport Websites Come Under Cyber Attack. Available Online at https://brnodaily.com/2023/10/24/news/czech- police-interior-ministry-airport-websites-come-under- cyber-attack/, accessed on 1 February 2024

2023

[45] [46]

Available Online at https:// therecord.media/canada-border-checkpoint-outages- ddos-attack-russia, accessed on 1 May 2023

The Record, Canada blames border checkpoint outages on cyberattack. Available Online at https:// therecord.media/canada-border-checkpoint-outages- ddos-attack-russia, accessed on 1 May 2023

2023

[46] [47]

Available Online at https://techmonitor.ai/technology/ cybersecurity/opfrance-cyberattack-charles-de-gaulle- airport, accessed on 1 June 2023

Tech Monitor, Charles de Gaulle Airport website offline after suspected '#OpFrance' DDoS cyberattack. Available Online at https://techmonitor.ai/technology/ cybersecurity/opfrance-cyberattack-charles-de-gaulle- airport, accessed on 1 June 2023

2023

[47] [48]

Available Online at https:// www.mirror.co.uk/travel/news/uk-airports-targeted- coordinated-russia-30504938, accessed on 1 February 2024

Mirror, UK airports targeted by coordinated Russia cyberattack groups. Available Online at https:// www.mirror.co.uk/travel/news/uk-airports-targeted- coordinated-russia-30504938, accessed on 1 February 2024

2024

[48] [49]

Available Online at https://shorturl.at/7ACXL, accessed on 1 February 2024

Information Week, The DDoS Attack on German Airport Websites and What IT Leaders Can Learn. Available Online at https://shorturl.at/7ACXL, accessed on 1 February 2024

2024

[49] [50]

Available Online at https://apnews.com/article/technology-business- atlanta-680cf93f7eb0300127448c35299ad66e, accessed on 1 February 2024

The Associated Press, Denial-of-service attacks knock US airport websites offline. Available Online at https://apnews.com/article/technology-business- atlanta-680cf93f7eb0300127448c35299ad66e, accessed on 1 February 2024

2024

[50] [51]

Available Online at https://shorturl.at/Kvn9C, accessed on 1 February 2024

Euractiv, Italy target of major Russia-linked cyberattack, again. Available Online at https://shorturl.at/Kvn9C, accessed on 1 February 2024

2024

[51] [52]

Available Online at https://cybermaterial.com/ cyberattack-hit-copenhagen-airport/, accessed on 1 February 2024

CyberMaterial, Cyberattack Hit Copenhagen Airport. Available Online at https://cybermaterial.com/ cyberattack-hit-copenhagen-airport/, accessed on 1 February 2024

2024

[52] [53]

Available Online at https://www.wsj.com/articles/why-hackers-use- bitcoin-and-why-it-is-so-difficult-to-trace- 11594931595, accessed on 1 February 2024

The Wall Street Journal, Why Hackers Use Bitcoin and Why It Is So Difficult to Trace. Available Online at https://www.wsj.com/articles/why-hackers-use- bitcoin-and-why-it-is-so-difficult-to-trace- 11594931595, accessed on 1 February 2024

2024

[53] [54]

Available Online at https://www

SecurityWeek, Data Stolen in Ransomware Attack That Hit Seattle Airport. Available Online at https://www. securityweek.com/data-stolen-in-ransomware-attack- that-hit-seattle-airport, accessed on 1 February 2024

2024

[54] [55]

Available Online at https://ransomwareattacks

Halcyon Tech, Monti Ransomware Attack on Ae ́roport de Pau. Available Online at https://ransomwareattacks. halcyon.ai/attacks/monti-ransomware-attack-on- aeroport-de-pau, accessed on 1 February 2024

2024

[55] [56]

Available Online at https://www.barrons.com/ news/cyberattack-hits-croatia-s-split-airport- dac3d776, accessed on 1 February 2024

BARRON'S, Cyberattack Hits Croatia’ s Split Airport. Available Online at https://www.barrons.com/ news/cyberattack-hits-croatia-s-split-airport- dac3d776, accessed on 1 February 2024

2024

[56] [57]

Airport Breach

HACKREAD, Hackers Leak 2.5M Private Plane Owners' Data Linked to LA Intl. Airport Breach. Available Online at https://hackread.com/hackers-leak- private-plane-owners-data-la-airport-breach/, accessed on 1 August 2024

2024

[57] [58]

Available Online at https://apnews

AP, Hacked Brazil Airport Screens Show Porn to Travelers. Available Online at https://apnews. com/article/entertainment-caribbean-brazil- c0842e915c403c41830 6433cdfc406a6, accessed on 1 February 2024. Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 60 61วารสารเทคโนโลยีีสารสนเทศ มจพ. ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม 2...

2024

[58] [59]

Available Online at https://shorturl.at/vJRE7, accessed on 1 February 2024

KTSM.com, FBI warns cyber criminals are spoofing airport websites and Wi-Fi. Available Online at https://shorturl.at/vJRE7, accessed on 1 February 2024

2024

[59] [60]

Available Online at https://www.nytimes.com/ 2024/09/13/travel/crowdstrike-outage-delta-airlines

The New York Times, Stranded in the CrowdStrike Meltdown: 'No Hotel, No Food, No Assistance'. Available Online at https://www.nytimes.com/ 2024/09/13/travel/crowdstrike-outage-delta-airlines. html, accessed on 1 February 2024

2024

[60] [61]

BCC, Scam warning as fake emails and websites target users after outage. BBC. Available Online at https://www.bbc.com/news/articles/cq5xy12pynyo, accessed on 1 February 2024

2024

[61] [62]

Cyber Security Challenges in Aviation Communication, Navigation, and Surveillance

G. Dave, G. Choudhary, V . Sihag, I. You, and K.-K. R. Choo. "Cyber Security Challenges in Aviation Communication, Navigation, and Surveillance." Computers & Security, V ol. 112, 2022

2022

[62] [63]

Analysis of Cyber Vulnerabilities in Civil Aviation and Recommendations for Their Mitigation

E. Andreev and D. Dimitrov. "Analysis of Cyber Vulnerabilities in Civil Aviation and Recommendations for Their Mitigation." Aeronautical Research and Development, V ol. 1, pp. 90-99, 2022

2022

[63] [64]

Studying Cybersecurity in Civil Aviation, including Developing and Applying Aviation Cybersecurity Risk Assessment

A. Elmarady and K. Rahouma. "Studying Cybersecurity in Civil Aviation, including Developing and Applying Aviation Cybersecurity Risk Assessment." IEEE Access, V ol. 4, 2016

2016

[64] [65]

Cybersecurity in Aviation: The STPASEC Method Applied to the TCAS Security

M. L. Salgado and M. S. de Sousa. "Cybersecurity in Aviation: The STPASEC Method Applied to the TCAS Security." 2021 10 th Latin-American Symposium on Dependable Computing (LADC), Florianópolis, Brazil, pp. 1-10, 2021

2021

[65] [66]

Cybersecurity Attacks on Software Logic and Error Handling within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures

S. Khandker, H. Turtiainen, A. Costin, and T. Hämäläinen. "Cybersecurity Attacks on Software Logic and Error Handling within ADS-B Implementations: Systematic Testing of Resilience and Countermeasures." IEEE Transactions on Aerospace and Electronic Systems, V ol. 58, No. 4, pp. 2702-2719, 2022

2022

[66] [67]

Resilient Cyber- security Approach for Aviation Cyber-physical Systems Protection against Sensor Spoofing Attacks

A. A. Alsulami and S. Zein-Sabatto. "Resilient Cyber- security Approach for Aviation Cyber-physical Systems Protection against Sensor Spoofing Attacks." 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC), NV , USA, pp. 565-571, 2021

2021

[67] [68]

Specific Air Traffic Management Cybersecurity Challenges: Architecture and Supply Chain

J. Haan. "Specific Air Traffic Management Cybersecurity Challenges: Architecture and Supply Chain." ICSEW'20: Proceedings of the IEEE/ACM 42 nd International Conference on Software Engineering Workshops, New York, NY , USA, pp. 245-249, 2020

2020

[68] [69]

Securing IoT Surveillance Airport Infrastructure

C. Aranzazu-Suescun, L. F. Zapata-Rivera, O. G.-M. Saenz, and J. M. Christensen. "Securing IoT Surveillance Airport Infrastructure." Proceedings of the 2024 International Conference on Smart Applications, Communications and Networking, Harrisonburg, V A, USA, pp. 1-7, 2024

2024

[69] [70]

Airport Security: The Impact of AI on Safety, Efficiency, and the Passenger Experience

E. Pik. "Airport Security: The Impact of AI on Safety, Efficiency, and the Passenger Experience." Journal of Transportation Security, V ol. 17, No. 1, December, 2024

2024

[70] [71]

A Holistic Approach to Ensuring Safety and Cybersecurity in the Use of Intelligent Technologies in Air Transport

D. Shevchuk and I. Steniakin. "A Holistic Approach to Ensuring Safety and Cybersecurity in the Use of Intelligent Technologies in Air Transport." Electronics and Control Systems, V ol. 1, No. 75, pp. 97-101, 2023

2023

[71] [72]

Available Online at https://www.wsj.com/articles/pager-attacks-in-lebanon- weaponize-supply-chains-60722390, accessed on 1 February 2024

The Wall Street Journal, Pager Attacks in Lebanon 'Weaponize' Supply Chains. Available Online at https://www.wsj.com/articles/pager-attacks-in-lebanon- weaponize-supply-chains-60722390, accessed on 1 February 2024

2024

[72] [73]

The Importance of Cybersecurity Awareness Training in the Aviation Industry for Early Detection of Cyberthreats and Vulnerabilities

R. Sabillon and J.R.B. Higuera. "The Importance of Cybersecurity Awareness Training in the Aviation Industry for Early Detection of Cyberthreats and Vulnerabilities." International Conference on Human- Computer Interaction, pp. 461-479, 2023

2023

[73] [74]

Capability Maturity Models for Targeted Cyber Security Training

S. Chockalingam, E. Nystad, and C. Esnoul. "Capability Maturity Models for Targeted Cyber Security Training." Proceedings of the International Conference on Human-Computer Interaction, pp. 576-590, 2023. Research Paper: Safeguarding Skies: Airport Cybersecurity in the Digital Age 62 63วารสารเทคโนโลยีีสารสนเทศ มจพ. ปีีท ี� 21 ฉบัับัที� 2 กรกฎาคม - ธัันวาคม...

2023

[74] [75]

Available Online at https://thehackernews.com/2021/02/ why-human-error-is-1-cyber-security.html, accessed on 1 February 2024

The Hacker News, Why Human Error is #1 Cyber Security Threat to Businesses in 2021. Available Online at https://thehackernews.com/2021/02/ why-human-error-is-1-cyber-security.html, accessed on 1 February 2024

2021

[75] [76]

Protecting Aviation Safety Against Cybersecurity Threats

P. Stastny and A. M. Stoica. "Protecting Aviation Safety Against Cybersecurity Threats." IOP Conference Series: Materials Science and Engineering, V ol. 1226, No. 1, pp. 12-25, 2022

2022

[76] [77]

Modeling and Conducting Security Risk Assessment of Smart Airport Infrastructures with SECRAM

H. Saada, R. Orizio, and S. Sebastio. "Modeling and Conducting Security Risk Assessment of Smart Airport Infrastructures with SECRAM." Proceedings of the 7 th International Conference on Networking, Intelligent Systems and Security, No. 59, pp. 1-7, 2024

2024

[77] [78]

Flight Delays and Cancellations Due to Airport Technology Network Disruptions Worldwide

T. Jeeradist. "Flight Delays and Cancellations Due to Airport Technology Network Disruptions Worldwide." KBU Journal of Aviation Management: KBUJAM, V ol. 2, No. 1, pp. 51-60, 2024

2024

[78] [79]

The Types of Hackers and Cyberattacks in the Aviation Industry

L. Florido-Benítez. "The Types of Hackers and Cyberattacks in the Aviation Industry." Journal of Transportation Security, V ol. 17, No. 13, 2024

2024

[79] [80]

Using Digital Twins to Integrate Cyber Security with Physical Security at Smart Airports

H. Su and W. Pan. "Using Digital Twins to Integrate Cyber Security with Physical Security at Smart Airports." Interdisciplinary Journal of Engineering and Environmental Sciences, V ol. 10, No. 1, pp. 38-45, January-March, 2023

2023

[80] [81]

Cybersecurity Maturity Framework for International Airports in Malaysia: A Systematic Literature Review (SLR)

S. Samuri, M.F.A. Khir, Z.M. Amin, and M. F. N. Mohammad. "Cybersecurity Maturity Framework for International Airports in Malaysia: A Systematic Literature Review (SLR)." Journal of Information and Knowledge Management (JIKM), V ol. 2, pp. 156-167, 2023

2023