Are airports prepared for the challenges related to Big Data?
The Big Data challenge
Dematerialised data will play a key role in the future of airports. Airports are hubs for both people and information and, as such, process large amounts of data. Handling aircraft from multiple countries, hundreds of thousands of passengers and luggage of all sorts, airports manage information from a multitude of sources. They must also take into account data from around the world – on traffic at other airports or the local weather, for example. To process this data, new information and communication technologies have become essential.
New opportunities have arisen as a result of the Internet of Things (IoT): a system of devices, all of which have been given unique identifiers and the ability to send data without requiring human-to-human or human-to-computer interaction (according to the definition by TechTarget).
This has led to many innovations. For example, at Reykjavik Airport, sensors connect to passengers’ smartphones, registering the telephone’s ID without collecting personal data, to track travellers’ itineraries. The aim is to produce real-time estimates of passenger flows in order to optimise resources. This has allowed the airports to produce better estimates of waiting times for passengers, and manage teams and personnel more efficiently.
Biometric data are also leading to innovations. The term biometrics refers to quantitative data on physiological or behavioural characteristics which can be used to identify individuals.
On 13 April 2017, ImageWare, a leader in mobile and cloud-based biometric identification tools, announced that it had been selected to supply biometric identity management software to five airports in Alaska. Rather than identifying passengers, this system will be used to identify personnel. It will allow airports to run background checks and confirm the identity of employees, contractors and vendors working onsite.
These new technologies are being used to manage huge flows of data, improving the efficiency of services and boosting airport security. They replace current systems by using data that supposedly cannot be falsified.
However, new technologies must be robust enough to prevent failures. Given the fact that they are automatic and interconnected, the smallest vulnerability can lead to expensive and even dangerous delays for airports. According to Carolina Ramirez, global director of security and facilitation at the International Air Transport Association (IATA), cyberattacks can cost airports hundreds of millions of dollars in revenue and irreparably damage their reputations.
A recent study commissioned by cybersecurity firm CGI and conducted by Oxford Economics analyzed data from 2013 to today, and concluded that companies affected by severe security breaches – breaches resulting in large data losses – saw their share prices fall permanently by an average of 1.8%. The study also revealed that investors had lost at least €42 billion due to severe incidents since 2013. Unfortunately, the airline sector is not immune to such attacks.
In July 2013, a cyberattack against Istanbul’s Atatürk and Sabiha Gökçen airports brought down passport control systems in departure areas. Passengers had to wait for hours, and most flights were delayed.
More recently, a cyberattack launched by a Russian criminals is thought to have caused Sweden’s air control system to go offline between 4 and 9 November, according to Norwegian news portal Aldrimer.no. Hundreds of international and domestic flights were cancelled when radar systems stopped working. Air traffic controllers were unable to see any aircraft on their screens. According to the website, the Russian intelligence agency may have been testing its electronic warfare capabilities.
Clearly, no structure is completely immune to hacking – and the consequences of these attacks can be disastrous.
Solutions for airports
Attacks can be prevented by ensuring that data security concerns reflect the increased use of dematerialised data. Often, the right security questions are not asked when IoT or data processing systems are implemented. Airports can take a number of steps to protect themselves against cyberattacks.
Firstly, it is essential to raise awareness of cybersecurity among employees, clients and contractors to tackle cybercrime. By making these groups more responsible for their actions, airports can develop appropriate data security measures.
Secondly, it is important to understand the risks. This makes it easier to develop strategies, goals and positions on cybersecurity issues. This may involve offering training to the staff concerned and engaging in dialogue with all levels of airport management.
Thirdly, airports should regularly perform external audits, penetration tests and website analyses.
Finally, advanced protection measures should be installed for all critical control networks and infrastructures to minimise the risk of hackers accessing these systems.
In recent times, airports have faced a double challenge: growing passenger numbers combined with the explosion of new information technologies. This has led to new ways of processing data, but these changes have not always been accompanied by appropriate information security measures.
Let us hope that recent events will serve as a lesson, and that airports will urgently implement robust cybersecurity infrastructures.