In a panel on aviation in the cyber age at Wednesday's joint event by Cybertech and Fortinet, a discussion was held on the question of how to secure the supply chain in the aviation market. According to the National Cyber Directorate, there are two main threats – a shutdown of the airport, and a plane crash
A panel on aviation in the cyber age moderated by Tamir Goren, director of special technologies at the Israel National Cyber Directorate, was held at Wednesday's joint event held by Cybertech and Fortinet. The other participants were Asaf Levy, CISO of El Al; Rubi Arbel, CEO, Security Scribe; and Zohar Ben-David, head of the aviation section of the National Cyber Directorate.
Levy: "We took apart systems of the 787 to determine whether they have points of failure, and we are talking to Boeing (about it). We are trying to understand how the updates are carried out. In general, the update is done with a laptop that connects to a system of the plane. One of the things that we did is to reinforce the computers with which you connect to the plane. We also receive logs from the plane to understand what happens during every flight."
"We have a big budget for defense of operational technology (OT), and we used part of it for defense of facilities and adoption of cyber elements. Every interaction involving the plane is monitored. There are planes that can broadcast data via satellites for maintenance purposes, and we examine that. We have continuous penetration tests for OT and IT. El Al emphasized the cyber aspects of the 787 even before I started working at the company. At the end of 2019, Boeing (staff) came to check what had been done in Israel in order to learn from it."
"When you update the plane, you come from the direction of IT. If the companies that send updates are hacked, it could be a problem. Even the suppliers who are connected to you have an influence on your systems."