Press note. Cipher, the cybersecurity unit of the prosegur group highlights the need to reinforce cybersecurity in a strategic sector such as aviationin a context marked by the sustained increase in cyber attacks against critical infrastructure in Europe. Although the recent incident registered in various European airports – which impacted the processes of shipping, billing and equipment management – highlights the magnitude of this type of risks, the truth is that the challenges are of a structural nature and cover the entire operating chain of the sector.
During 2024, cyber attacks against essential operators increased by 43% in Spain, and the trend is kept up in 2025, as they have been able to analyze from Cipher. In this context, the group’s cybersecurity unit has identified five main types of attacks that put the aviation sector at risk:
- Ransomware: attacks with malicious codes that block the systems and demand a ransom. It is the largest threat to the industry, affecting airports, airlines and suppliers.
- Cybernetic espionage: Groups sponsored by states seek to steal strategic data such as flight plans, defense and aeronautical technology contracts. APT41 (China), APT28 (Russia) and APT33 (Iran) have been identified as key actors in these attacks.
- Attacks on the supply chain: Hackeos to strategic suppliers can indirectly affect airlines and airports, causing massive interruptions.
- Vulnerabilities on devices: The integration of connected sensors and devices expands the attack surface and exposes to aviation to new forms of digital intrusion.
- Hackivism and ideological attacks: Groups with political or social motivations have launched attacks against aviation. In 2023, Mysterioous Team Bangladesh attacked airports in Saudi Arabia in what seemed to be a protest linked to the conflict in Gaza.
David Fernández Granado, CEO of Cipher, emphasizes that current threats «They are characterized by their sophistication, persistence and diversity of motivations. In addition to ransomware, digital espionage represents a growing risk, since it allows access to strategic information such as routes, contracts, technology and regulatory data. The increasing integration of interconnected digital systems expands the exposure surface; Without adequate protection measures, a single gap can trigger interruptions of great magnitude ».
In this scenario, Cipher bets on a digital security strategy focused on four fundamental axes: periodic cybersecurity audits that include external suppliers; reinforcement of early detection and threat intelligence; Implementation of support systems and continuity protocols that ensure the operation even against critical incidents; and promotion of collaboration between regulatory agencies, state institutions and private actors to develop common standards and share cyberamez intelligence, in line with European regulations such as NIS2.
