The Aviation Industry, a Main Target for Modern Cyberattacks
Airports handle vast amounts of data every day, including passenger manifests, baggage systems, maintenance logs, and airport control systems. With most of these systems being isolated or air-gapped, the use of removable media remains the main method to transfer data between them.
Cyberattacks on the aviation industry’s infrastructure, specifically airports, can cause service disruptions, grounded flights, passenger safety risks, and massive financial losses. In March 2025, Malaysia’s Kuala Lumpur Airport was hit by a ransomware attack, leading to operational disruptions. Another attack on Bristol Airport forced its staff to run daily operations manually using whiteboards and paper posters instead of digital screens.
The Need to Secure Removable Media and Internal Data Flows
As the operator of one of the busiest airports in the EMEA region, our customer recognized the high risks and expanding attack surface due to an increasing reliance on removable media. Airport staff, contractors, and third-party vendors frequently interact with the airport’s internal systems, often using USB drives to transfer flight schedules, maintenance data, or software updates between isolated and networked systems. The lack of a clear removable media scanning policy raised concerns about file-borne threats and the ability to maintain oversight of file transfers.
The company worked with OPSWAT to strengthen its on-premises removable media security. The main goal was to implement a comprehensive, automated, and highly visible system that could scan every file entering the environment via removable media, without causing friction or delays in daily operations.
Deploying Distributed Scanning Stations with Centralized Management
Our customer also leveraged the design of MetaDefender Kiosk to seamlessly integrate with multiple OPSWAT products and technologies. To secure the scanned and sanitized file transfers after being processed by MetaDefender Kiosk, an integration with MetaDefender Managed File Transfer was implemented. An Integration with My OPSWAT Central Management™ was established to enable real-time monitoring, advanced reporting, and auditing capabilities.
With this integrated deployment, our customer was able to:
Enforce scanning at the points of entry where removable media are used
Automate secure file transfers of the sanitized data
Configure, update, and enforce security settings across all MetaDefender Kiosks from a single pane of glass
Monitor scan progress, activities, view threat logs in real time, and generate audit reports
We didn't expect to find that many solutions that are designed to integrate with MetaDefender Kiosk. This made the setup process much smoother and allowed us to focus more on day-to-day operations.
IT Operations Manager
Scanning Policy Enforcement, Strengthened Defense, and Streamlined Operations
The deployment of OPSWAT solutions noticeably contributed to significant improvements in the airport’s cybersecurity operations:
Better Security with Increased Malware Detection Rates
The MetaDefender Kiosk instances deployed included MetaDefender Core with 16 antivirus engines, which has been proven to achieve over 95% malware detection rates. In addition, MetaDefender Core includes industry-leading technologies, especially Deep CDR with its ability to detect and eliminate hidden threats, including zero-day exploits.
Improved Vendor Access Security
The policy and procedures for third-party vendors and contractors to scan USB drives become clearer and easier to enforce. MetaDefender Kiosk helped prevent unscanned removable media from passing through into the airport’s systems.
Centralized Visibility and Policy Enforcement
The integration with My OPSWAT Central Management proved essential for both IT and security teams. It enabled IT staff to monitor and analyze threat detection across all entry points, and cybersecurity specialists to analyze and audit the scan reports. It also boosted operational efficiency and saved time by enabling remote configuration and policy updates without physical access to each kiosk.
The central management capability of MetaDefender Kiosk changed the way we run our security operations. Since it is a preventive solution, we now focus more on monitoring scans and auditing, rather than responding to incidents.
Senior Cybersecurity Specialist
Building a Secure Foundation for the Future
With this proven defense layer at the point of entry, the company continues to work with OPSWAT to maintain and further enhance its cybersecurity posture, while exploring future enhancements. To enhance MetaDefender Kiosk protection by policy enforcement, another layer of validation is being considered. MetaDefender Media Firewall™ is an additional line of defense that enhances the proven protection capabilities of MetaDefender Kiosk by blocking unprocessed and unsensitized files.
OPSWAT’s integrated solutions protect sensitive IT and OT assets from cyberattacks and ensure operational continuity and regulatory compliance. To learn more about OPSWAT solutions and how they can secure your critical infrastructure networks, get in touch with an expert today.
