With increasing cyber threats being reported across the globe, personal flight details of air travellers need greater protection, an expert said.
The hacking and defacing of the website of the Customs Department at the Indira Gandhi International Airport in Mumbai in August has come as a wake-up call to security administrators.
In addition, a recent audit conducted by the Bureau of Civil Aviation Security (BCAS), found lapses at several non-metro airports. With India being the ninth largest aviation market, handling about 121 million domestic and 41 million international passengers annually, security upgradation is a major concern.
In an interview with Express, John Kendall, Director, National Security Programme, Unisys Asia Pacific, said airlines and airports in India must contend with both physical and cyber threats.
“As travellers become more aware of potential threats, they are also more willing to undergo security measures to help make their travel safer,” he said.
The International Air Transport Association (IATA) has predicted that in 2013, more than three billion passengers would travel by air, almost double the number that flew in 2001. And this number is expected to double by 2030, he explained.
“To remain competitive, airports — often in cooperation with airlines — are developing and testing innovative ways to offer personalised services for air travellers,” said Kendall.
Airlines are adopting stringent security measures to protect sensitive passenger data collected this way, but more needs to be done, he suggested.
“The latest generation of passenger aircraft, like the Airbus A380 and Boeing 787, use networks that wirelessly connect to airport and airline IT systems once on the ground. As a result, cyber threats now rank alongside physical threats when it comes to aircraft and passenger safety,” Kendall said. Kendall, whose company has worked on extensive system integration at the Delhi International Airport Limited (DIAL), said security was already a top priority in airports, but it was “traditionally limited to physical security.”
With new identity-based services, security of passenger information will need to be treated with the same rigour and urgency, he urged.
Foolproof security in place: BIAL
An official from Bangalore International Airport Ltd (BIAL), who wished not to be named, said 'foolproof' security measures are in place to protect passenger data. “The airline data systems are interlinked to the airport network and we store them up to three months. A proper data archiving system is also in place, in addition to back-up mechanisms,” the official said. He said BIAL is yet to implement the biometric data processing system of passengers, a norm in place at some of the airports abroad.
The official said the IT apparatus at the BIAL actively monitor approximately 18000 IP ports across campus and approximately 120 clients. “The SIEM (Security Information and Event Management) solution at the BIAL is aimed at mitigating the cyber threats with real-time capture of all Incidents through different logs and alerting the IT SOC (Security Operation Centre) for live threats. With a huge network of systems and servers, a solution to co-relate the events has also been put in place,” the official added.