Ways to reduce DDoS attacks on airports

Eric Vautier by Eric Vautier | Nov 15, 2023

Eric Vautier, the Chief Information Security Officer of Groupe ADP, discusses the changing nature of DDOS attacks. He also discusses the strategies to safeguard airport websites, information systems, and infrastructure against such attacks.

A Distributed Denial of Service (DDoS) attack occurs when a website or online service is overwhelmed with excessive internet traffic. Excessive traffic can cause the website or service to malfunction. DDoS attacks can take various forms, including volume-based attacks, protocol-based attacks, and application layer attacks. DDoS attacks have been around for a long time; however, we can observe new trends in these attacks. 

DDoS attacks have evolved and become increasingly challenging.

Hackers target airports because they are critical infrastructure.

Airports, in addition to being critical infrastructure, are often seen as representatives of a state or a region. It makes airports the focal point for cyberattacks aimed at weakening the geopolitical position and disrupting their security measures and operations. Airports need to be ready to resist deliberate cyber threats. 

The DDoS attackers employ multiple attack vectors.

Numerous airports have already established robust cyber security defenses against DDoS attacks. However, hackers can manipulate cybersecurity measures with enough time and effort, similar to other software.

Moreover, HTTP isn’t the sole protocol that can be utilized. Merging assault methods like SYN flood and DNS amplification with HTTP flood makes the defense of the victim more complex.

Attackers no longer focus solely on the official website.

Airports offer online services like parking reservations and reward programs, easily enumerated through automated systems. While airports used to rely on anti-DDoS protection for their primary official website, this is no longer sufficient. They must identify important web services and improve security, even if it costs more money.

Recommendations for protecting against DDoS attacks.

Below is just a short list of best practices that every airport needs to consider to increase its cyber resilience.

1) Identify your assets

Determine your resources (such as websites, Application Programming Interfaces (APIs), applications, Virtual Private Network (VPN), and so on) that are accessible over the Internet. Conduct a risk assessment, including DDoS attacks, for the most critical ones. 

2) Conduct a business impact analysis

This allows you to evaluate the impact of an internet outage at the airport level. Many airport processes rely on cloud apps. If there’s an internet disruption due to a DDoS attack, it can cause problems for the airport, airlines, and handlers.

3) Subscribe to a “Web Application and API Protection”          

The easiest option would be a cloud-based solution, which is easier to deploy. 

4) Don’t put all your eggs in the same basket

Airports frequently maintain their own websites. Consider having some of them hosted by a cloud provider, which often includes built-in anti-DDoS protection. Moving a website can complicate matters, especially if it is connected to in-house systems like AODB or CRM.

5) Start a Cyber Threat Intelligence (CTI) program

Cyberattackers often provide advance notice of their intended targets. Airports can prepare for attacks and secure their online applications by monitoring certain Telegram or X channels. Even if your airport isn’t the main concern, being aware of attacks on nearby airports can serve as an early warning.

6) Notify about any successful or unsuccessful yet noteworthy assault

Report any significant, whether successful or unsuccessful, cyberattack to the appropriate authorities, such as cybersecurity agencies and law enforcement. Victims must defend themselves and share important information, like Indicators of Compromise (IOCs), with authorities.

Groupe ADP is one of the few airport operators to be present in all aspects of the airport value chain, from upstream studies in engineering, master planning and design, to the commissioning and operation of intricate facilities (terminals, airstrips, luggage sorting, etc.). Groupe ADP operates the three main airports in Paris: Paris-Charles de Gaulle, Paris-Orly, and Paris-Le Bourget. Additionally, they also manage around ten other airports in the Paris area. 

Eric Vautier

Eric Vautier

In 1992, Eric completed his studies at the French Civil Aviation University. He became a part of ADP in 1996, where he played a significant role in the implementation of diverse airport systems and contributed to international projects in locations such as Dubai, Amman, Algiers, and Santiago of Chile. In 2008, Eric transitioned into the field of cybersecurity and presently holds the position of Group CISO at Groupe ADP, a global entity that operates 28 airports across the globe. Additionally, Eric serves as the Chairman of the Cybersecurity Task Force of ACI-Europe and has held the position of vice-chair of the Aviation-ISAC Board since 2022.
1 articles
Share This