Top 5 Risks to Business Aviation in the US

Matthew Borie

Chief Intelligence Officer

View profile

Matthew Borie

Chief Intelligence Officer

As Chief Intelligence Officer, Matt provides strategic direction for Osprey’s data collection and analytical output, as well as expert analysis on a wide range of aviation-related issues, with a focus on conflict zone activity.

He has 14 years of aviation security and intelligence experience in the public and private sectors. Previously, Matt worked as an intelligence analyst at the MedAire & Control Risks Aviation Security Center. Prior to that, he completed an eight-year enlistment in the US Air Force, serving as an Operations Intelligence Craftsman. During his Air Force career, Matt provided intelligence support to fighter aircraft operations, including a deployment to a location in Southeast Asia; he also completed deployments to Iraq and Afghanistan.

Matt holds an Associate’s and Bachelor’s Degrees in Intelligence Studies from American Military University (AMU) and, in August 2015, completed a Master’s Degree in National Security Studies from AMU, followed by a Graduate Certificate in Terrorism Studies in December 2017.

Over the last year, the aviation industry in the United States (US) has been exposed to many risks and threats. With the global community continuing to recover from the COVID-19 pandemic and experiencing the impacts of the ongoing war in Ukraine, the aviation industry is facing challenges that have not been experienced on this scale before. Many of these are outside the control of airlines and airports, but by understanding the dynamics of each issue, we can limit its impacts on operations. We will discuss the current risks to the safe operations in the US and the outlook of 2023.

Aviation Safety

Osprey:Explore chart showing Aviation Safety pings for the United States from January to September 2022

Aviation safety-related incidents in the US continue to be a key concern. Staffing shortages and supply chain issues in the aviation sector continue to negatively impact the safety of flight operations. Operators should continue to be flexible in their itineraries and be prepared to adjust them due to an increased potential for heightened aviation safety and/or security measures for the airspace and/or airports resulting from situations that may develop.

2023 Outlook: Aviation safety incidents have the potential to cause follow-on disruption to airport security operations. Aviation operators are advised to review internal and external mechanisms for aviation safety reporting. Any revisions to processes should account for air and ground safety occurrence provisions as part of a wider aviation risk management strategy. In addition, operators are advised to ensure that emergency response and communications plans are up to date in order to enhance continuity during times of crisis. They are also advised to monitor airport/airspace-specific notices, bulletins, circulars, advisories, prohibitions and restrictions prior to departure to avoid flight schedule disruption.

Crime

Osprey:Explore chart showing crime pings for the United States from January to September 2022

Osprey recorded an increase in criminal activity in the vicinity of airports in the US throughout 2022. Such activity has the potential to negatively impact transiting passengers, personnel and/or flight crews. Due to the prevalence of arms and gun ownership by the general public in the US, pre-flight personnel security awareness training for aircrew is advisable. Some of these incidents highlight the need for aviation operators to ensure they have appropriate measures in place to ensure logistical access and ground transportation support at airports in the US, such as the use of a ground handler, FBO, security provider or local staff.

2023 Outlook: Incidents involving armed assailants, active shooters, or suspected active shooters frequently lead to widespread panic among passengers and staff, which itself can pose significant safety and security issues. During times of panic, security personnel may be severely limited in their ability to act efficiently and effectively. For this reason, large-scale panic or disorder could be deliberately incited as a distraction by those wishing to conduct attacks against aviation. Protocols should be put in place to help maintain levels of security as well as employee personal safety during times of panic or disorder; in particular, operators should ensure armed assailant and/or active shooter emergency action plans are in place. Such plans should account for panic amongst the public and its impact on employees and processes.

Aviation Security

Osprey:Explore chart of aviation security pings for the United States region from January to September 2022

Aviation security is generally high-profile and overt at international airports in the US. Typically, there are multiple layers of security features, including perimeter fencing, security camera usage and controlled access points, as well as armed personnel conducting active patrols. In addition, security personnel have been trained to the highest international standards. However, analysis of publicly available data indicates there were numerous notable incidents involving security breaches and/or armed individuals at airports in the US during 2021 and thus far in 2022, ranging from business/general aviation facilities through regional/minor international airports to major hubs.

2023 Outlook: While reporting did not specify the motivations of the individuals involved in most of the breaches described above in the US in 2022, at least one was charged with making a terroristic threat, highlighting significant security concerns. Indeed, the incidents highlight vulnerabilities that could be exploited by individuals with more nefarious intent; for example, those wishing to conduct an attack on an aviation facility and/or air assets. Vandalism, tampering or sabotage in airside areas of any airport is a general concern. Operators should consider safeguarding aircrafts through the active use of asset anti-tamper measures (locks, tags or seals) and utilise a ground handler, FBO or locally embedded staff for additional airside support services to supplement existing airport security features.

Social Unrest

Osprey:Explore chart for social unrest pings in the United States from January to September 2022

In 2022, social unrest activity increased across the US, with aviation worker industrial action being an area of concern. On multiple occasions throughout the year, protests have led to traffic disruption along roads leading to airports. Aviation workers also conducted several walkouts over wages.

2023 Outlook: While previous unrest by aviation staff in the US has been peaceful, all forms of protests and demonstrations should be avoided as a precaution. Operators should be prepared to extend accommodation and arrange ground transportation at short notice for crew unable to depart on schedule. The use of a ground handler, FBO, hotel concierge or local staff is advised to ensure logistical access and ground transportation support at US airports.

Cyber 

Osprey:Explore chart of cyber pings in the United States from January to September 2022

Aviation entities are highly desirable targets for cyber attacks as they possess significant quantities of valuable data. For instance, passenger personally identifiable information (PII), airport security arrangements and manufacturers’ avionics designs, which could be used for fraudulent activity and as leverage in extortion. In addition to the exposure of company data, including that of customer and employee information, and the potential for follow-on cyber crime, data breaches have other potential impacts, including possible legal and financial sanctions, as well as the potential impact the incident could have on the company’s reputation.

2023 Outlook: Notably, due to the COVID-19 pandemic, even more data is being captured by entities, particularly aviation operators – such as health records, vaccination status and travel history – which will also likely be targeted. PII – which in this instance included names, mailing addresses, email addresses, phone numbers, etc. – can be used nefariously by cyber criminals to conduct a range of fraudulent activity, including scams and identity theft. Additionally, using contact information, cyber criminals could conduct phishing attacks with the intention of garnering further personal information to conduct fraudulent activity, obtaining banking information and/or to deliver a virus embedded in an email.

Osprey:Explore map showing locations of aviation security, safety, social unrest, crime and cyber incidents in the US between October 2021 and October 2022