In 2023, eight billion data records were compromised globally. The average cost of a cyber data breach was approximately US$4.45 million, excluding the cost of reputational damage. The potential outcomes of a cyber breach can grow exponentially, which is why flight departments need to maintain cyber vigilance. The fact is if an airframe is connected to the internet without active cyber protocols, passenger data is as vulnerable as if they were sitting in a coffee shop.
Gogo’s powerful cybersecurity blocks approximately 10,000 attempted malware attacks on customer assets every day, and we monitor how threats are constantly evolving. We also note that many flight departments, operators, and owners still don’t expect a cyber event, leading to increased digital vulnerability.
A lack of cyber awareness enables bad actors to exploit the situation through diverse means. Social engineering is a common strategy. It uses software, readily available on the web to manipulate user behavior. Phishing is the most well-known of these threats, as fraudulent emails aim to collect valuable personal data.
It is also becoming more sophisticated. Phones are vulnerable to Smishing as fake texts are used to extract data. Vishing uses publicly available digital recordings, AI, and background research to generate convincing fraudulent phone messages in which voices and speech patterns are emulated. Deep-fake scams are facilitated by highly sophisticated ransomware, spyware, and advanced persistent threats.
Artificial intelligence (AI) is becoming a significant new factor on the cyber landscape. AI-driven Phishing is creating far more convincing fake emails as generative AI creates flawless and contextually relevant emails. Meanwhile, a vocal form can enable interactive, deceptive conversations with chatbots posing as vendors or regulatory personnel, making it difficult to distinguish them from regular callers.
AI can collect and cross-reference data from flight logs with public profiles, industry databases, and other sources to target attacks and use the data to create Deepfake audio and video impersonations of key personnel for fraudulent requests. At the same time, automated AI can launch large-scale attacks on entire aviation organizations and find and exploit weaknesses in flight management systems, communications networks, and ground infrastructure, as well as cracking passwords.
Thankfully, AI can also be a force for good. It can detect threats early and initiate a rapid response and remedial action. Behavioral analytics can identify anomalies in flight data and network traffic, creating a powerful defense mechanism when combined with human expertise.
At Gogo, we don’t just focus on delivering your data, but also on keeping it safe. We offer cyber awareness courses for aviation IT professionals, crew, and passengers to enhance awareness and provide tools to mitigate the threats. Our curricula navigates the complexities of security and cyberthreat prevention from an aviation perspective, identifies common risks, defines attack methodology, and describes current cybersecurity concerns within aviation. Modules relating to data protection during international travel are complemented by information on using personal devices before, during, and after a flight.
In addition to training, we offer three levels of cybersecurity services. The entry-level actively monitors threats by proactively observing live flight data behavior. Human experts work with AI and refined machine reading technology at our NOC to evaluate data transmission. If the system identifies discrepancies, remedial action is taken.
Our Advanced Encryption service utilizes our router platforms and infrastructure to apply proprietary technology, optimizing a secure and accelerated tunnel through which encrypted, anonymized data passes between the aircraft and the ground to effectively protects the entire aircraft network.
The third level creates a Private Network, transforming the aircraft cabin into a secure corporate workspace. The data never touches the public internet, effectively making the aircraft as safe as an office while also giving visibility into the network for threat monitoring.
Our training teaches that the human element is a vital foundation on which to build cyber vigilance. Among our top tips, we recommend always using passwords to protect cabin Wi-Fi and, on the ground, only logging on to external Wi-Fi via a password. Devices should never be plugged into unfamiliar docking stations, and a USB drive should never be used unless its ownership is assured.
In an increasingly digitalized aviation environment, the need to be ever more aware of cyber vulnerability cannot be overstated. We ask you to remember that altitude does not make you cyber-safe. Visit the Gogo booth 320 to find out more about how to protect your data.
Gogo is going on the road in Europe to showcase the benefits of our Gogo Galileo antennas. To discover more about where, when, and how you can experience firsthand the new era of business aviation connectivity, visit Gogo booth 320 during EBACE 2025.
