Tackling the problem of leaked credentials in aviation

This covers
A key lock resting over a bank card.

An open and cost-effective
service is all it takes.

Unmanaged or poorly managed credentials are a high-value target for hackers, offering intruders insider access to networks and accounts. This has major consequences in terms of financial losses, stolen confidential data, or disruption of the business – and it’s increasingly common in the aviation world.

Analysis compiled by our European Air Traffic Management Computer Emergency Response Team (EATM-CERT) service shows that the number of cyber threats continues to grow, with over 130,000 credential leaks this year affecting 90 stakeholders in the pan-European aviation sector; in 95% of cases, the password was also leaked. (Believe it or not, investigations reveal the frequent use of extremely obvious passwords such as “123456” or “password”).

While password security is one of the most basic best practices for operational security, compromised credentials, which can also include PINs and software and hardware tokens, continue to pose a high-impact risk for any organisation. Properly managing and securing passwords and other credentials is a critical step towards an effective cybersecurity programme, and one of the awareness-raising activities we are busy organising with our stakeholders.

Credential leaks detection service

EATM-CERT provides a wide range of services aimed at protecting the Agency and its stakeholders against cyber threats which can affect the confidentiality, integrity and availability of operational IT assets and data. This includes our credential leaks detection service, which allows constituents to be alerted when credential leaks associated with their domain names are detected. For that, we use a monitoring service developed by SpyCloud.

Since 2018, a growing number of stakeholders from our Member States have been subscribing to receive our free-of-charge monitoring support, with more than 90 users and a growing number of domains monitored. This shows that there is a real demand for and benefit to be gained from this initiative.

Benefits of the service

Our credential leaks detection service has the following operational, financial and security benefits for our stakeholders:

  • early detection of compromised accounts;
  • corrective measures to make passwords more secure;
  • increased security awareness and promotion of behavioural changes in staff within the organisations concerned;
  • the development of internal security policies which restrict the use of professional email to professional purposes only;
  • reduction of the impact of phishing campaigns carried out using stolen credentials;
  • the provision of the service at no extra cost, allowing some organisations to benefit from a service they could not afford otherwise;
  • the provision of a service which would be about 12 to 20 times more expensive if each user were to be procure it on their own.

The credential leaks detection service is a tangible example of how the aviation community can proactively create a network of mutual support, where partners collaborate to make aviation more secure and cyber-resilient, and do so in a cost-effective manner.

Interested to learn more?

Visit our dedicated pages to read about our service and activity.

What’s next?

On 30 October, Patrick Mana, our Cybersecurity Program Manager will take the floor to share the lessons learned and findings of the EUROCONTROL EATM-CERT, the European Air Traffic Management Computer Emergency Response Team. His presentation will focus on the results which we have achieved to date and benefits provided in support of the aviation sector.

On the same occasion, he will describe this service and others which we provide within the Agency and to the benefit of our stakeholders and Member States.

Visit our dedicated event page to learn more about the event and our expert's presentation.

Photo of Barcelona at sunset
Stakeholder event

Making aviation more resilient

Cyber attacks pose a serious risk to the aviation sector, but we all know that no business will ever be 'cyber-proof'. So what can we do about it?
At EUROCONTROL, we work closely with our partners to build on existing initiatives to create a cyber resilience framework and make it available to all stakeholders across Europe.