The move follows increases in cyberattacks in recent years, including the Bad Rabbit attacks that targeted Odessa International Airport in Octover 2017 and the Petya and NotPetya attacks in Europe and the US from 2016 onwards. The German airport is taking responsibility ‘for the functionality of critical infrastructure,’ said Thomas Weyer, Director of Infrastructure at Flughafen München, the company that operates Munich Airport.
The ISH features four training rooms and IT labs, a control room, and an amphitheatre for presentations. The airport plans to improve individuals’ cybersecurity skills by dividing them into groups, one of which is instructed to carry out a simulated cyberattack, while the other tries to defend the airport’s computers against them.
“Attacks on IT systems around the world have taken on new dimensions in terms of quality and quantity in recent years,” said Weyer. “New viruses, worms and malware are constantly being developed and turned loose on potential vulnerabilities in our IT systems.”
He also explained that the threat of cybersecurity extends beyond the airport, and that defences must be similarly expansive: “The further we move ahead with digitalisation, and the more functions are performed and networked by computers, the more potential points of attack they will present to global cyber criminals – and the more serious the potential consequences of targeted attacks will become.”
The work of the ISH will extend to other companies across a range of industries; public and private institutions will be able to train security experts using the hub’s resources. The ISH can be booked for individual training sessions, or long-term, regular meetings to improve a group’s skills over time. The airport called the presence of a specialised testing centre ‘essential for success’.
Marc Lindike, head of information security assurance at Munich Airport said that it has taken “the initiative and kick-started a platform which is intended as a pragmatic human and technical melting pot”.