The transport threat horizon
Transport Security Expo, the annual gathering of professionals within the aviation, maritime and public transport arenas, convenes again 13-14 November 2013, against a backdrop of the industry being at a developmental crossroads in terms of both its regulation and ability to respond to current and emerging threats.
This key event will gather policy makers, world leading experts, technologists and industry operators together in London, to examine current protective measures, assess the threat horizon and determine how best to maintain traveller safety in a changing and increasingly hostile world in austere economic times.
Through an in-depth conference, extensive programme of workshops and a world‑class exhibition, delegates and visitors will immerse themselves in the challenges transport operators face in maintaining high levels of security and the solutions to them, during a two-day event held at the Olympia Conference and Exhibition Centre.
There will also be a world-leading exhibition of state of the art software and hardware products from vendors from across the globe.
Major threats for transport
For the first time in its long history as the premier gathering for industry professionals, the event introduces the “Major Threats to Transport Security” plenary session this year. This entirely new addition to an already extensive programme has been developed to clearly identify overarching threats common across all transport interests and foster convergence of thought.
Transport Security Expo’s plenary session will deliver a ‘360 Global Threat Assessment’.
The session is open to all delegates attending the event and features debate on how best to manage the risk to transport networks from terrorism and other crimes, discussion on protecting national and global transport systems from acts of terrorism and other security threats, as well as discourse regarding the extent of the cyber security threat to transport industries.
Transport Security Expo has identified that the industry wide problem of cyber security is becoming acute, thus the prominence being afforded this issue during the forthcoming event. The transport industries depend on information technology and would likely grind to a halt without ready access to data required for day-to-day operations. This imposes a requirement that the systems deployed across the transport networks are both robust and secure.
The traditional approach to cyber security has been to focus most resources on the crucial system components and protect against the biggest known threats. This approach is insufficient in the interconnected world of today, where a much more holistic approach to cyber security across transport networks is absolutely vital.
Cyber terrorism in aviation
Cyber security should be at the top of the agenda issue across the transport world but perhaps most particularly in the aviation sector. Next generation aircraft currently being introduced into service are e-enabled via secure Internet Protocol (IP) communication channels passing data back and forth between ground and on-board systems.
Currently the Airbus A380 and the Boeing 787 are the only e-enabled commercial aircraft in service, but the coming Bombardier CSeries and the Airbus A350 will also adopt this feature. Real time direct communication allows airlines to directly monitor aircraft health, pass relevant operational information to air crew and enable such like as e-commerce in the air.
Such systems also provide an interface with a piece of equipment known as the Electronic Flight Bag (EFB). This is a series of software tools that allow pilots to automate tasks such as weight and balance, along with allowing pilots to track routes with weather overlays. It’s estimated that 30,000 laptop or tablet computer EFBs are used in North America alone.
Concern is high that EFB connectivity could deliver a path for malicious code to enter into airborne systems aboard e-enabled aircraft. The airline industry cyber security consultancy firm AvIntel says that 80 per cent of airlines recently surveyed have an active EFB programme running, but only 40 per cent have an active EFB cyber security plan in place.
Given that ubiquitous connectivity for EFBs means the devices are constantly sniffing for a signal, it is possible for these devices to compromised if pilots go online over public internet connections to download information prior to flight.
It has become very evident over recent years that terrestrial networks are easily compromised; therefore the aviation industry needs to pay close attention to aircraft that have network connectivity.
Transport industries collectively also owe it to themselves to ensure that the information technology they depend so upon, has a sufficient level of redundancy built in to limit downtime and aid prompt recovery in the event of a cyber attack or hardware failure.
Two of biggest airline carriers in the United States, American and Southwest, have suffered major outages during this past year, which have grounded flights, caused chaos at airports across the country and taken costly time to recover from.
A recent US Government Accountability Office (GAO) study reported a worrying 26 per cent increase over three years in Transportation Security Administration (TSA) personnel transgressions considered to be a security threat. The issues highlighted ranged from sleeping on the job, through allowing friends and family members to pass freely at screening to theft of in transit traveller property.
The property theft briefly captured headlines after a TSA employee was captured on film stealing from baggage in the mêlée following the San Francisco (SFO) air crash in which three people died and multiple other passengers were seriously injured.
Separately, when fire engulfed Kenya’s Jomo Kenyata International Airport (NBO) in early August, some airport personnel grasped an opportunity to indulge in widespread looting.
Police, airport security and random other airport personnel reportedly engaged in the looting spree while the fire raged. Multiple people across all disciplines have been arrested and are facing charges.
Transport Security Expo has warned of the insider threat previously and continues to monitor this worrying upward trend in activity such as highlighted above.
The insider threat has the potential to compromise other defenses in place at airports, ports and other border crossings and could very well open the door to further terrorist activity.
It is a here and now issue which demands immediate action before it escalates to critical and potentially life-threatening proportion.
INTERPOL issued a global security alert in early August advising increased vigilance for terrorist activity, following a series of prison escapes across multiple member countries, in which well over a thousand individuals with links to terrorist organisations fled.
Concern has been expressed that these apparently coordinated escapes may be a precursor to an upswing in jihadist attacks across the Middle East and North Africa.
Some parts of this region have been in a state of turmoil since the uprisings of recent years and consequently have weakened or diminished counter terrorism capabilities, border control mechanisms, internal security priorities, and other shortcomings.
The rise of new or transitional governments in Egypt, Tunisia, Yemen, and Libya, and ongoing unrest in Syria and Mali, have offered new opportunities for established affiliates to the likes of al-Qa’ida, other aspiring terrorist groups, and like-minded individuals to conduct attacks against western interests across the region.
Transport Security Expo will bring attention to the regional threats faced by the maritime and supply chain sectors when it convenes again in November.