Specific Exposures and Threat Scenarios Malware/Ransomware Initial Access (Exploitation via device) General Ransomware Campaigns: Ransomware actors often gain initial access through phishing campaigns targeting aviation employees or by exploiting exposed VPN/RDP servers. Mobile devices are the primary target for phishing/social engineering attempts. Ransomware group LockBit demanded $200 million from Boeing in 2023. Attacks on airport…

Sofema Aviation Services (SAS) considers a number of core documents used in support of EASA compliant cyber security initiatives. AMC 20-42 Airworthiness Information Security Risk Assessment Date: June 2023Description: Guidance for assessing airworthiness information security risks, including threats and mitigations. COMMISSION DELEGATED REGULATION (EU) 2022/1645 Date: July 2022Description: Rules for managing aviation information security risks impacting safety. COMMISSION IMPLEMENTING REGULATION (EU) 2023/203 Date: October 2022Description:…

Sofema Aviation Services (SAS) reviews key changes introduced in the EASA 2024 Regulatory Update, impacting operations and maintenance under EASA regulations. During 2024, the European Union Aviation Safety Agency (EASA) introduced several significant updates to regulations concerning maintenance operations and Continuing Airworthiness Management Organisations (CAMOs). Key developments include: Easy Access Rules for Continuing Airworthiness (Revision…