The Transportation Security Administration will require agency-regulated airlines and airports to step up their ability to withstand malicious attacks, according to a cybersecurity amendment released Tuesday.
The move comes less than a week after the Biden administration announced its national cybersecurity strategy and months after similar requirements were unveiled for passenger and freight rail carriers.
“Protecting our nation’s transportation system is our highest priority and TSA will continue to work closely with industry stakeholders across transportation modes to reduce cybersecurity risks and improve cyber resilience to support safe, secure and efficient travel,” TSA Administrator David Pekoske said in a statement.
The measures are effective immediately as part of an emergency amendment to existing TSA requirements and all covered airlines and airports have been contacted, a TSA spokesperson said via email.
Regulated airlines and airports are required to develop an approved implementation plan that includes the following steps:
- Develop network segmentation policies and controls to make sure operational technology systems can continue to run safely in the event of an IT compromise.
- Create access control measures to prevent unauthorized access to critical cyber systems.
- Implement continuous monitoring and detection policies and procedures to detect and respond to threats and anomalies in critical cyber system operations.
- Apply security patches and updates to protect operating systems, applications, drivers and firmware on critical cyber systems using risk-based methodology.
Threat actors have targeted the aviation industry in the U.S. and overseas using various types of intrusion methods in recent months.
American Airlines was targeted in July 2022 as a phishing attack gained unauthorized access to its Microsoft 365 environment.
The airports of several U.S. airports were targeted by Russian-speaking hackers in October in DDoS attacks.