The FBI also warned<\/span><\/a> on June 28 that a cybercriminal group called \u2018Scattered Spider\u2019 had turned its attention toward the aviation sector, using impersonation to compromise security.<\/p>\n The alert was issued on X.<\/p><\/div>\n Protecting ourselves from these attacks has become a multi-million dollar<\/b> industry.<\/p>\n High profile attacks in recent months have impacted both Aeroflot<\/span><\/a> and Qantas<\/span><\/a>, the latter likely carried out by none other than Scattered Spider – the group the FBI are worried about.<\/p>\n There has been a response to this growing risk.<\/p>\n There is an obvious intent to include cyber security in future regulations.<\/b> While not yet law, recent advisories and bulletins make it clear that operators are expected to begin taking proactive steps.<\/p>\n A good place to start is AC 119-1A<\/span><\/a> which provides an overview of cyber security requirements, risk assessments and best practices. Also keep an eye out for cyber threat alerts which can be published by SAFO, Notam or other notices.<\/p>\n The FAA is also actively working with ICAO and other agencies to harmonise future cyber protection practices<\/b> under Annex 17 (Security).<\/p>\n The examples above relate to attacks on larger airlines and IT infrastructure. A valid question remains then, what does this all mean for biz av?<\/p>\n While not a traditional target, many business aviation operators lack<\/b> dedicated IT departments or cyber defence teams. <\/b>We also frequently carry high-net worth individuals on sensitive operations which may motivate nefarious cyber activity.<\/p>\n Recent reports from the industry show that biz av isn’t immune:<\/p>\n In 2020, a major manufacturer of business jets confirmed<\/span><\/a> a cyber-security breach that compromised personal and aircraft ownership information.<\/p>\n Another example from May this year involved a Europe-based private jet operator which appeared<\/span><\/a> on a ransomware group’s leak site. Sensitive crew info was shared, which reportedly included passport photos.<\/p>\n It\u2019s clear that business aviation is not under the radar<\/strong> – therefore we must remain measured but cautious in our approach to emerging cyber threats.<\/p>\n Feedback from industry experts and OPSGROUP members suggest that a closer look at the electronic security of EFBs warrants a closer analysis.<\/strong><\/p>\n![\"\"](\"https:\/\/ops.group\/blog\/wp-content\/uploads\/2025\/08\/FBI.png\")
The FAA is paying attention<\/b><\/h4>\n
What about business aviation? <\/b><\/h4>\n
EFBs – A Soft Target?<\/b><\/h4>\n
![\"\"](\"https:\/\/ops.group\/blog\/wp-content\/uploads\/2025\/08\/20230416_172530_1200x1200.webp\")