Lessons From Aviation’s Turbulent 2025: Securing Digital Infrastructure for the Year Ahead
It hasn’t been a good year for the airline industry. Several high-profile incidents at home and abroad have thrown the sector’s aging technology, software security, and device management into sharp relief. And as airports invested billions in RFID baggage tracking, IoT sensors, and connected operations, these systems became the very attack surface that security couldn’t keep up with.
I’m sure we all remember the thousands of flight cancellations last year due to a faulty software upgrade by CrowdStrike. Around the same time, a glitching flight planning app used by airline pilots was vulnerable to attacks that could have compromised safe takeoff and landing procedures. Coupled with the fact that aviation has seen a 600% increase in ransomware attempts over the past 12 months, these incidents paint the picture of a sector that’s digitally transforming faster than security and operations can keep up.
And the industry is waking up: SITA reported in May that 77% of North American carriers now rank cybersecurity among their top IT priorities for 2025. With endpoints at almost every operational level, and bad actors only growing in scope and scale, airlines can and must securely modernize before attackers exploit the gaps they’ve left wide open.
Backdoors in the Race to Digitize
The shift to digitized tools makes aviation more efficient in many ways, but the flip side is that every device, app, and update becomes a potential point of weakness. The glitching mobile pilot app is a particularly stark example, as the device in question, known as an Electronic Flight Bag (EFB), contains everything from flight charts and performance data to navigation tools and weather updates. So, if it stops working, it can prevent a flight from taking off altogether. The potential for cascading failures, especially when multiple third parties with their own vulnerabilities are involved, increases the stakes of getting security right.
Ransomware thrives under such conditions. Airlines need uptime to get planes and people from A to B. Bad actors know that exploiting backdoors can cause maximum disruption in the hope of maximum payout. This is something we saw last September when the Port of Seattle, which operates the Seattle-Tacoma International Airport, was hit by a ransomware attack that disrupted multiple services including baggage, check-in kiosks, ticketing, and flight display screens. The public agency refused the ransom demands but warned that this could lead to subsequent data leaks.
This is a numbers game for hackers. That attack didn’t result in a payout but another probably will. From the tarmac to the cockpit, the sheer sprawl of RFID readers and IoT sensors makes it incredibly difficult to monitor every endpoint and prevent it from becoming an entry point.
Interestingly, despite the big jump in ransomware, 70% of these attacks involve credential theft or unauthorized access to critical systems, giving a clear starting point for where airlines should redouble their attention.
Lacking the Appropriate Tech and Strategy
On the whole, airlines are still flying blind when it comes to comprehensive device management. Three-quarters of airlines now use mobile devices to aid check-in, half have biometric-enabled systems, and staff increasingly rely on tablets for operations. And yet, endpoint security barely registers in airline investment priorities.
There are, of course, tools and methods that can help bridge this gap without breaking the bank. Zero-trust policies ensure that only compliant devices can access systems. Unified endpoint management (UEM) platforms help monitor updates over a dispersed fleet, enabling remote configuration, enforcing encryption and passcode policies, and locking down devices to essential flight operations. Additionally, threat detection systems flag unusual activity, identity and access platforms limit exposure, and mobile security tools track risks in third-party apps that might otherwise fly under the radar.
Credit where it’s due: some progress is being made. All airline respondents in the SITA report are implementing privileged account management, single sign-on authentication, and DDoS protection. This is a start, but there’s still a way to go.
No single tool solves everything, and often the bigger problem isn’t a lack of technology but the lack of a cohesive strategy. Balancing the two is crucial as aviation systems become increasingly complex.
Foundation Must Come First
Expect to see new efficiencies across airline operations, passenger services, and systems development as the industry rushes to embrace artificial intelligence (AI). With 72% of North American airlines already training AI models and nearly half making it their top IT priority, the transformation is happening fast. This is no surprise given that hackers are using smarter tools and admins want to fight fire with fire. But, and it’s a big but, we must be careful that this isn’t at the expense of basic security hygiene.
My advice? Secure the fundamentals first. You can’t protect AI-driven systems if you can’t protect the assets that form your operational backbone. Therefore, in addition to updating your security culture and ensuring it’s a team effort, push for something much more proactive: continuous threat modeling, regular policy updates, and audits that don’t wait for an incident to trigger them. AI can certainly help in these endeavors but only when paired with solid device management and security culture foundations. This is how we create always-active defenses against always-active hackers.
This isn’t a call for a new revolution in aviation security. Most airlines already have the right instincts. What’s missing is operational fluency that keeps pace with digital evolution. Currently, the accelerated pace of digitization has created thousands of connected readers, tags, and integrated systems that too often sit outside traditional security perimeters. Airlines that secure this infrastructure now will be ready for the AI-powered future. Those that don’t, however, risk seeing more advanced systems compromised by the same endpoint vulnerabilities they’re ignoring today.


