Madrid, September 16, 2025.
- In a world where cyberattacks paralyze hospitals, banks, and power grids, aviation may emerge as the next major target.
- With millions of lines of code managing critical in-flight functions, digital failure could have far more severe consequences than frozen bank accounts.
- An aircraft running poorly managed software may be exposed to cyberattacks. The difference is that, in the air, the consequences are not measured in stolen data but in real risks to passenger safety.
In 2017, the world came to a standstill when the global WannaCry cyberattack struck hospitals, companies, and banks in more than 150 countries. A single security flaw in outdated systems was enough to disrupt critical operations and threaten essential infrastructure. Today, cybersecurity experts warn: the next target could be in the skies.
The increasing digitalization of aviation has turned aircraft into highly connected systems, with software managing everything from navigation to communications. And like any digital system, they can be vulnerable if not properly implemented and updated.
“A modern aircraft can contain more than 10 million lines of code just in its critical systems. If an update isn’t thoroughly verified, instead of protecting the aircraft, it could open the door to cyberattacks with unpredictable consequences,” explains Samuel García, aerospace cybersecurity expert at ANZEN Engineering.
Cyberattacks: global impact and strategic value
The motivations behind cyberattacks on aircraft often aim for global impact. An attack on an aircraft or its control systems can affect thousands of passengers and trigger chaos at airports worldwide. Meanwhile, criminal groups or states in conflict view civil and military aviation as strategic targets for cyberattacks.
The growing interconnection only increases these risks: from pilot tablets to onboard Wi-Fi networks, every access point is a potential entryway.
And although critical flight systems are isolated and protected, poorly managed software can introduce additional vulnerabilities that compromise safety.
Software that flies: invisible but essential
On an aircraft, software doesn’t just run in-flight entertainment or communications. It also controls critical functions such as navigation, fuel management, autopilot, and sensor and alarm monitoring.
That’s why every update must be secure, verified, and traceable. This means rigorously ensuring the code meets safety and functionality requirements in simulated environments before installation, checking it doesn’t conflict with other systems, distributing it through encrypted and authenticated channels to prevent tampering, and documenting and auditing its origin and performance. “This is what we call software assurance,” notes the ANZEN Engineering expert.
Systems Engineering: A key ally against aviation cyberattacks
This is where systems engineering comes into play—a discipline that combines different technologies and expertise to create safe, reliable solutions. Its goal is to anticipate problems before they occur, ensuring everything works precisely and in coordination.
Within systems engineering, there are two key approaches to strengthening aviation cybersecurity. First, integrating cybersecurity analysis with RAMS (Reliability, Availability, Maintainability, and Safety). While RAMS ensures systems operate correctly and safely throughout their lifecycle—even under adverse conditions, cybersecurity complements this vision by protecting them against intentional threats.
Second, conducting analysis in a model-based environment, known as MBSE (Model-Based Systems Engineering). This approach enables the digital representation of complex systems, including software architecture and behavior under different attack scenarios. This way, vulnerabilities and integration issues can be anticipated before the software is installed on an actual aircraft, reducing risks from the earliest design stages.
In short, just as mobile users receive alerts to update apps and protect against viruses, aviation also needs to keep its systems updated—but with far stricter standards. The difference is that, in this case, a failure doesn’t just freeze a screen; it can compromise the safety of an entire flight.
Aircraft cybersecurity is no longer optional—it is a priority. And as with banks in 2017, the best protection is anticipation.
About ANZEN Engineering
ANZEN Engineering is an international engineering company specialized in critical systems for the aerospace and defense sectors. Founded in 2019, it supports technically complex projects around the world, providing expertise in safety, reliability, airworthiness, ILS, cybersecurity, and MBSE. Its multidisciplinary team works with globally recognized standards, ensuring the certification and robustness of the platforms it supports. With a presence in Europe, the U.S., and the Middle East, ANZEN strengthens its position as a strategic, reliable, and independent partner committed to technical excellence and sustainable innovation.
Media contact
Raquel Parra
r.parra@iprisma.es
