US to issue new cybersecurity requirements for critical aviation systems
A US transportation security agency said Wednesday it plans to issue new cybersecurity requirements for some key aviation systems after several U.S. airport websites earlier this week were hit with apparently coordinated denial-of-service attacks. The TSA said Monday's cyberattacks that were allegedly organized by pro-Russian hackers "did not disrupt airport operations or access to information." TSA noted it previously "updated its aviation security programs to require airport and airline operators designate a cybersecurity coordinator and report cybersecurity incidents, conduct a cybersecurity assessment, and develop remediation measures and incident response plans." TSA added it plans to "soon issue additional performance-based cybersecurity requirements for critical aviation systems." The FAA as a condition of airport terminal grants said in a notice last month to airports they must demonstrate efforts "to consider and address physical and cyber security risks relevant to the transportation mode and type and scale of the project." The FAA added "projects that have not appropriately considered and addressed physical and cyber security and resilience ... will be required to do so before receiving funds for construction." The Government Accountability Office in a 2020 report said the FAA should fully implement key practices to address cybersecurity risks.<br/>
https://portal.staralliance.com/cms/news/hot-topics/2022-10-13/general/us-to-issue-new-cybersecurity-requirements-for-critical-aviation-systems
https://portal.staralliance.com/cms/logo.png
US to issue new cybersecurity requirements for critical aviation systems
A US transportation security agency said Wednesday it plans to issue new cybersecurity requirements for some key aviation systems after several U.S. airport websites earlier this week were hit with apparently coordinated denial-of-service attacks. The TSA said Monday's cyberattacks that were allegedly organized by pro-Russian hackers "did not disrupt airport operations or access to information." TSA noted it previously "updated its aviation security programs to require airport and airline operators designate a cybersecurity coordinator and report cybersecurity incidents, conduct a cybersecurity assessment, and develop remediation measures and incident response plans." TSA added it plans to "soon issue additional performance-based cybersecurity requirements for critical aviation systems." The FAA as a condition of airport terminal grants said in a notice last month to airports they must demonstrate efforts "to consider and address physical and cyber security risks relevant to the transportation mode and type and scale of the project." The FAA added "projects that have not appropriately considered and addressed physical and cyber security and resilience ... will be required to do so before receiving funds for construction." The Government Accountability Office in a 2020 report said the FAA should fully implement key practices to address cybersecurity risks.<br/>
