Turbulence Ahead: Airlines Brace for Cyberattacks This Summer Season

As we approach the summer holiday season, the excitement for travelers is unfortunately accompanied by a rising concern: the persistent threat of cyberattacks targeting the airline industry. Recent incidents underscore the vulnerability of air carriers and their extensive networks, prompting urgent warnings from federal authorities like the FBI.

Just weeks ago, Hawaiian Airlines experienced a cybersecurity incident affecting some of its IT systems. While the airline confirmed that flights and passenger safety remained unaffected, the FBI has attributed this attack to "Scattered Spider," a notorious cybercriminal group. This group, known for its sophisticated social engineering tactics, often impersonates employees or contractors to deceive IT help desks into granting unauthorised access, frequently bypassing multi-factor authentication.

The FBI has explicitly warned that Scattered Spider is "expanding its targeting to include the airline sector," emphasising that "anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk." Once inside a victim's network, these actors aim to steal sensitive data for extortion and often deploy ransomware.

The threat extends beyond direct airline breaches. Qantas, Australia's flag carrier, recently disclosed a data breach that exposed the personal information of 5.7 million customers. This incident, a "textbook case of island hopping," targeted a third-party call center platform, highlighting the critical vulnerabilities within external service providers. Cybersecurity experts note distinct similarities between the Qantas breach and Scattered Spider's methods, as the group is known to exploit weaknesses in supply chains. The FBI’s warnings echo this, stressing that their targets include "large corporations and their third-party IT providers."

Even as recently as July 16, 2025, Air Serbia has been battling an ongoing cyberattack that reportedly delayed staff payslips and led to a deep compromise of its Active Directory. These incidents demonstrate the varied and persistent nature of cyber threats, ranging from data theft and extortion to significant operational disruptions. The interconnectedness of airline systems – from reservation platforms and flight management software to baggage handling and in-flight entertainment – creates numerous entry points for malicious actors. Industry experts warn that a single breach can cascade, potentially compromising critical flight safety measures.

The question then arises: as we prepare for peak travel, are airlines and their partners adequately prepared to defend against these evolving digital threats and truly safeguard passenger data and operational integrity?