<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=183336108931044&amp;ev=PageView&amp;noscript=1">

Is your system vulnerable to cyber-attacks?

Air Traffic Control

Reading time: 3 minute(s)
Rolf Parnemann

Rolf is Director of Sales at GuardREC AS and has extensive experience helping organizations in the ATC industry meet the increasingly demanding requirements they're facing.

With several types of cyber threats and a wide array of methods for unauthorized persons to access sensitive data, the ATC industry standards for cybersecurity have a long way to go to catch up with the potential risk.

This article is part 6 of the 6-section Technical Whitepaper: Crucial elements to consider when choosing your ATC recording solution

System providers may not invest enough in cybersecurity, putting you at risk of experiencing critical data loss, accidental deletion of incident data, and being unable to protect OTAs and controllers from public exposure.

 

Cyber threats – categories and methods

Outdated security design and features, insufficient access management, weak password policies, poor encryption, and a lack of traceability are common areas being exploited by cybercriminals.

Cyber threats are generally divided into three categories:

  1. Threats to confidentiality:
    Attacks designed to steal personal information (such as bank account information, credit card information, social security information, etc.)
  2. Threats to integrity:
    Attacks by cybercriminals that access and release sensitive information to the public
  3. Threats to availability:
    Attacks on availability aim to deny access to systems and data. There are two distinct sub-groups: Ransomware and Denial of Service (DoS)

Common methods used by cybercriminals include:

  • Social engineering
  • Phishing
  • Advanced Persistent Threats (APT)
  • Malware
  • Man-in-the-middle attack
  • DoS: Denial of Service

 

Choose a vendor with a strong focus on cybersecurity

While no one can guarantee 100% protection, a strong focus on cybersecurity measures should weigh heavily in your choice of recording and replay solution vendor.

Your vendor should offer:

  • Strong password policies and other cybersecurity initiatives
  • Customized levels of password policy, including multi-factor authentication, a lockout policy, block policy, and password requirements 
  • Support for encryption of stored data (AES256) and user access management
  • A solution that includes extensive traceability capabilities, such as alarms, audit trails, and logging

A strong password policy is particularly important, as your system is only as strong as its weakest link and in cybersecurity. And more often than not, the weakest link is the end-user.

Want to learn more about choosing the right recording and replay solution for you?

Read our complete Technical Whitepaper →

Brands that trust us

For ATC and Bank & Finance compliance officers, guardREC™ is a recording and replay solution that is built on the promise of transparency, quality and innovation. Our technology is trusted by some of the biggest brands and companies in ATC and Bank & Finance:

 glogo01
 
glogo02
 
 
glogo03
 
Sitti_logo_500px
 
glogo05
 

Technical Whitepaper

Crucial elements to consider when choosing your ATC recording solution.

Find the optimal recording and replay solution for your needs. This guide is divided into six sections, each highlighting an important subtopic when choosing your recording and replay solution:

  1. Compliance
  2. Completeness
  3. Investigation
  4. Documentation
  5. Expansion and scalability
  6. Cybersecurity

 

Read the complete technical whitepaper →

guardREC Technical whitepaper Crucical elements to consider when implementing your ATC recording solution.png
bottom-cta-atc-red.jpg

Request a Demo

Get a demo of the world's most robust compliance recording solution.
REQUEST A DEMO