Defend the Airport - Real-World Lessons in Aviation Cybersecurity

I recently had the privilege of attending Defend the Airport, a leading aviation cybersecurity conference hosted by the Technology Advancement Center (TAC) in Columbia, MD. TAC is a nonprofit organization dedicated to fueling the people and technology needed to solve critical defense and cybersecurity challenges for the nation. The events they host bring together a veritable who’s who from the U.S. government and industry to discuss pressing airport cyber threats.

TAC excels at getting the right people in the room, and Defend the Airport was no exception. Here are some of my biggest takeaways from the event.

Aviation Cyber Threats: We Are Exposed

According to a recent report by the Cyberspace Solarium Commission, the number of cyberattacks on the aviation industry increased 131% from 2022 to 2023. A flight delay may irritate travelers, but a complete grounding of all commercial air traffic - like the January 2023 incident when air traffic control systems went offline for two hours - is far more disruptive. While that outage wasn't caused by a cyberattack, it underscored just how easily malicious actors could cripple systems for days or weeks.

The critical role of our nation’s airports in commerce, logistics, and military operations is undeniable. At Defend the Airport, speakers like Rear Adm. Mark Montgomery highlighted how the U.S. military relies on commercial aviation to move personnel and supplies. They detailed actions by Volt Typhoon, a PRC-based threat actor that compromises critical infrastructure to enable future disruptions, showing how cyberattacks can undermine national functions even without kinetic conflict.

TAC's team reinforced this with demonstrations on the Adega Airport Cyber Range, a realistic simulation reproducing the actual network of an anonymous US civil airport. They showed the chaos possible by disrupting baggage handling, fuel systems, and guidance controls – even defeating radar to allow undetected drone infiltration.

These weren't hypothetical scenarios; they replayed real-world attacks on aviation infrastructure. The results were both sobering and alarming.

We Can Do Better

Technical solutions exist to counter these airport cyber threats. TAC gave selected vendors a chance to showcase how their tools detect or prevent such attacks. The vendors performed impressively - many demonstrated detection that could trigger defenses and remediation. Our Zentera demo emphasized prevention through zero trust principles in aviation, allowing normal operations while blocking the attack.

But the reality is grim: Few facilities have implemented these safeguards. Limited budgets (especially for rural airports), competing priorities, and understaffing often delay action. That works... until it doesn't.

We Will Do Better

Voices for change are growing louder. At Defend the Airport, Dr. Wanda Jones-Heath, USAF Principal Cyber Advisor, pushed for proactive security: implementing controls and policies upfront instead of reacting post-attack.

Amid the gloom around current aviation cybersecurity, I spotted hope: Government and industry leaders are resolved to make things better through tight partnerships. Public and private sector attendees agreed on a fundamental principle: “We will do better.”

Achieving this needs new policies and funding - but not necessarily new tech. As vendors like us showed, the solutions needed to eliminate these vulnerabilities already exist. The challenge now is implementation at scale, supported by adequate resources and coordinated efforts across the aviation ecosystem

The stakes are too high for anything less than our full commitment to securing this critical infrastructure. The conversations at Defend the Airport made clear that the aviation industry recognizes this responsibility - and is prepared to act on it.