As an industry, airlines control huge volumes of customer data across extensive networks, operate one of the most complicated vendor and supplier networks of any industry, and are substantial contributors to national GDP both as an employer and as a transportation operator.

Despite being a USD2 trillion industry, razor-thin margins mean that the operational or financial implications of a cyber event cause serious challenges for an airline operator.

  • Airlines transact more credit cards than almost any other industry
  • Airlines are central coordinators for extensive networks, ranging from front-end ticket sales and customer support to back-office crew management and flight operation centres; an interruption of any of these functions can have operational and financial implications
  • Considered representatives of their respective states, airlines are targeted by well-funded and organised state actors, hacktivists and other politically motivated groups, as well as crime syndicates
  • Airlines manage huge volumes of Personally Identifiable Information, from travel documents to health information
  • Airlines are heavily reliant on a supply chain to drive sales, manage passenger logistics, and often maintenance and other sub-supplier responsibilities
  • A heavily regulated industry is driving cyber security standards, and regulations such as EC261/2004 grant consumers remuneration in the event of flight cancellations or delays
  • Operating across multiple jurisdictions creates data privacy challenges at the local level
  • As a transportation company, data and networks must be accessible 24/7 to ensure that passengers fly and that they can purchase their next tickets!
  • In such a competitive industry, delays, diversions, cancellations or even passenger confusion, or worst case mass panic, due to a cyber event can have serious reputational implications and cause financial harm
  • New technology in an increasingly ‘elastic’ industry means there are new security challenges to address with fewer resources to monitor and resolve them
  • With such extensive employee networks, it is difficult to manage human error, limit data breaches and ensure network integrity


Malicious Cyber Events are often the hardest to predict and can cause the most reputational harm. Carried out with the intent of disrupting operations, in the hope of inciting an element of customer panic or direct financial loss, these events can materialise in a number of ways:

  • Data or system degradation causing interruptions to flights
  • Cyber extortion
  • Privacy breaches or network security events

E-Cyber is designed to protect airlines against these malicious cyber attacks, providing comprehensive coverage for crisis management in identifying and resolving the cause of the cyber or extortion event, as well as offering financial protection for any fallout, such as:

  • the increased cost of working or direct loss of net income due to the covered event
  • defence costs and any subsequent damages or fines which may be incurred as a result of the event

Data manipulation, ransom, and breaches are a major concern for airlines given the high volume of Personally Identifiable Information they collect, which varies from passport and ID credentials through to credit and banking information, or even health records. This data is shared across an extensive employee network and multiple jurisdictions making data management extremely complicated.

Whether the data is corrupted, exposed, or held ransom, E-Cyber is designed with an understanding of the inherent exposure airlines encounter in managing large data repositories. The policy is designed to cover the cost to the company of managing through a data breach, or a ransom event, as well as data restoration in the event of a cyber event. The policy further extends to consider the legal and regulatory implications of data breaches or any damages due to third parties not being able to access data.


Much like data management, maintaining network integrity presents a serious challenge, as inadvertent System Failures can be just as disruptive as malicious cyber attacks. Whether the failure is caused by negligence or mistake in managing the company’s system, a programming error, or a malfunction or failure of the company’s system, the airline’s operational outage will cause financial loss.

Many of these system exposures are intended to be covered within the E-Cyber policy as the triggers for business interruption and the liability sections extend beyond malicious acts and to the practicalities of managing a centralised network, from front end sales to back end flight operations, across a regional or even global infrastructure. As a result, we handle many of these system interruptions as if they were malicious and would look to provide coverage for event management to identify and resolve the system failure, the increased cost of working or direct loss of net income due to the covered event, or any defence costs and any subsequent damages or fines which may be incurred as a result of the event.


November 2015 – A major hotelier was the subject of a cyber attack. Malicious software was found on some point of sale systems and affected franchised restaurants, coffee bars and gift shops within their hotels and properties. The breach persisted over a 17-week period. The data stolen included credit card information and social security information.

March 2015 – A restaurant chain was closed for over a week after its point of sale and back office systems were infected by ransomware. The restaurant was unable to operate without access to these systems. A hefty ransom was demanded.

June 2014 – A large takeaway pizza company was a victim of a ransomware attack. 650,000 customers' records were compromised and a ransom of €30,000 was sought as a bribe.

September 2013 – A large restaurant chain with 33 restaurants in various locations suffered a significant data breach over an 8-month period. During this time, credit card details and personal data were stolen as part of a highly sophisticated criminal operation.

March 2015 – A large hotel group was subject to a cyber attack affecting 10 of its hotels worldwide. The hacker used malware to acquire the credit card numbers of individuals who used a credit card for dining, beverage, spa, guest rooms, or other products and services.

February 2015 – A large hotel lodging company reported two data breaches in a year, following a number of complaints of fraud on customer credit and debit cards that had all recently been used at a string of hotel properties run by a hotel franchise firm. The company suspected a breach of point-of-sale systems at 10 locations.

Throughout 2011 – Two men from Romania admitted to participating in an international conspiracy that hacked into credit-card payment terminals at more than 150 fast food restaurant franchises and stole data for more than 146,000 accounts.

2006 – Failures with an online booking system left a hotel unable to accurately manage its bookings, resulting in financial loss from under-occupancy and damage to reputation.