Cybersecurity for Private Aviation: The Jet Is the Target
The aircraft broadcasts its position to anyone with a $30 antenna, the itinerary travels by email through a dozen handlers, and the cabin wifi trusts every device aboard. The adversary has noticed.
In June 2025 the FBI issued an unusual warning: Scattered Spider, the social-engineering collective behind some of the costliest corporate breaches of the decade, had pivoted to aviation, breaching carriers across the United States and Canada by talking their way past help desks. The same year, federal prosecutors in the Southern District of New York arrested a private charter broker for wire fraud and aggravated identity theft, and security researchers catalogued more than 400 lookalike domains impersonating private jet and charter brands to harvest payments and identities. Business aviation has discovered what banking learned a generation ago: the money does not need to be stolen from the vault when it can be redirected in transit.
The structural problem is that private aviation runs on trust and email. A single trip touches the flight department, a charter or management company, an FBO at each end, handlers, caterers, ground transport and sometimes a broker — small firms, the NBAA notes, often without any IT department at all — exchanging itineraries, passenger manifests and seven-figure wire instructions over ordinary inboxes. Each node knows where the principal will be, when, and with whom. We mapped the shared threat surface of jets and yachts in our superyacht & jet cybersecurity briefing; this is the aviation-specific layer, where the exposures are sharper and more procedural.
The itinerary is the crown jewel
FBO and handler email compromise is the signature attack of the sector. A criminal who phishes one trip-support coordinator inherits a live feed of movements: tail numbers, ETAs, passenger names, hotel blocks. That intelligence feeds three follow-on crimes — physical targeting on arrival, convincing invoice fraud (a fuel release or handling invoice that arrives exactly when expected, from a thread the victim recognises), and the redirected wire. Aircraft transactions are the worst case: international, time-pressured, seven or eight figures, with closing instructions emailed between parties who have often never met. The NBAA's guidance on transaction cybercrime exists because the pattern keeps paying.
Charter and broker wire fraud
The charter market adds a marketplace problem. Those 400-plus spoofed domains exist because charter payments are large, urgent and unfamiliar — the ideal conditions for a lookalike booking portal or a broker whose payment details quietly changed. The SDNY arrest demonstrated that the threat is not only external; identity theft inside the brokerage chain is now a prosecuted reality. Every wire connected to the aircraft — charter, fuel, maintenance, acquisition — deserves out-of-band verification against a known voice, not a number printed in the email requesting the money. Add that modern attackers can clone the voice of a broker or a CFO, a capability we dissect in our deepfake protection briefing, and callback procedures themselves need hardening.
The aircraft that announces itself
Since 2020, ADS-B Out has been mandatory: the aircraft continuously broadcasts its GPS position, unencrypted, on 1090 MHz, to anyone with a hobbyist receiver. Enthusiast networks aggregate those signals worldwide, which is how single-account jet trackers turned tail numbers into public theatre. The FAA's remedies are partial by design. LADD removes the aircraft from FAA-fed displays but not from independent receiver networks; the Privacy ICAO Address (PIA) programme rotates the aircraft's broadcast identity but, as the FAA itself concedes, a code can be re-linked to a registration by simple observation at a home airport. Real opacity is layered: PIA plus LADD, a trust-owned registration, disciplined call-sign hygiene, charter or fractional lift for sensitive movements — and the assumption, always, that the airframe's location is knowable.
The cabin is a branch office
Then there is the network you carry with you. A modern jet with Starlink-class connectivity is a flying branch office: principal devices, family iPads, guest phones, crew EFBs and personal devices, all sharing one cabin LAN that was usually configured by an avionics installer, not a security engineer. A flat network means one compromised guest phone sits beside the principal's laptop during the most concentrated work hours of the week. On the ground it is worse — FBO lounge wifi is precisely the public network on which auto-connect should be off, and crew devices that hop between FBO networks across three continents become the courier that carries compromise aboard.
The jet does not need to be hacked. It announces its position, emails its plans, and trusts every device in the cabin.
What a hardened operation looks like
The fixes are unglamorous and decisive. Segment the cabin network — principal, guest, crew and aircraft systems on separate VLANs with a real firewall, with the principal's traffic wrapped in always-on VPN. Put hardware security keys and verified callback procedures on every party that can move money or itineraries, including the management company and broker. Issue crew hardened, managed devices and treat FBO wifi as hostile by default. Layer PIA, LADD and registration hygiene over the tail number. Monitor continuously — the network, the inboxes, the domains impersonating your operation — because each of these controls decays quietly without an owner.
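An added example, not part of the original article: one way to run the domain-monitoring control above against the lookalike-domain problem described in the charter section, by triaging a feed of newly seen hostnames. The brand `examplejets.com`, the sample feed and the reason labels are constructed assumptions, and the label/TLD split is naive (it assumes a single-label TLD).

```python
import unicodedata
from contextlib import suppress

BRAND = "examplejets.com"  # hypothetical brand domain, constructed for this example
FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": None})

def edit_distance(a, b):
    """Levenshtein distance computed with a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def skeleton(label):
    """Fold punycode, accents and common look-alike substitutions."""
    if label.startswith("xn--"):
        with suppress(ValueError):  # malformed IDN label: compare it as-is
            label = label[4:].encode("ascii").decode("punycode")
    label = unicodedata.normalize("NFKD", label)
    label = "".join(c for c in label if not unicodedata.combining(c))
    return label.translate(FOLD).replace("rn", "m").replace("vv", "w")

def classify(domain, brand=BRAND):
    """Return why `domain` resembles `brand`, or None if it does not."""
    b_label, b_tld = brand.lower().split(".")[-2:]
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) < 2 or labels[-2:] == [b_label, b_tld]:
        return None  # not a domain name, or the brand's own zone
    *subs, label, _tld = labels
    if label == b_label:
        return "tld-swap"
    skel, b_skel = skeleton(label), skeleton(b_label)
    if skel == b_skel:
        return "homoglyph"
    if b_skel in skel or any(b_skel in skeleton(s) for s in subs):
        return "brand-embedded"
    return "typosquat" if edit_distance(skel, b_skel) <= 2 else None

# Constructed sample feed (in practice: new registrations or CT-log hostnames).
SAMPLE_FEED = ["examplejets.com", "booking.examplejets.com", "examplejets.aero",
               "examp1e-jets.com", "examplejets-payments.com", "exampeljets.com",
               "examplejets.com.secure-pay.net", "unrelated-fbo.com",
               "xn--" + "examplej\u00e9ts".encode("punycode").decode() + ".com"]

def triage(feed=SAMPLE_FEED):
    """Return {domain: reason} for every entry that resembles BRAND."""
    return {d: r for d in feed if (r := classify(d))}
```

The folding table only covers digit, hyphen and accent substitutions; cross-script confusables (for example Cyrillic letters) need a fuller mapping and here fall through to the edit-distance check.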
This is the work of Obsidian Helm's yacht, jet & estate practice: a private cybersecurity office for principals, operated by IT Cares Canada since 2014, working entirely remotely, worldwide, under NDA. We harden the cabin network, drill the flight department and the family office on the wire-fraud playbook, manage the tracking-privacy stack, and watch — quietly, continuously — so that the aircraft remains what it was bought to be: private.
Audit the Aircraft Before Someone Else Does
A $4,999 Private Strategy Session — credited in full toward membership — maps your aviation exposure end to end: cabin network, FBO and broker email chains, wire procedures and tracking footprint. Conducted remotely, worldwide, under NDA.
Frequently asked
What are the biggest cybersecurity risks in business aviation?
The leading risks are email compromise at FBOs, handlers and brokers — which exposes itineraries and enables invoice and wire fraud — followed by flat, unsegmented cabin wifi networks, crew personal devices, public ADS-B position tracking, and lookalike charter websites. The FBI warned in 2025 that organised social-engineering groups had begun targeting the aviation sector directly.
Can my private jet really be tracked by anyone?
Yes. ADS-B Out, mandatory since 2020, broadcasts your aircraft's GPS position unencrypted on 1090 MHz, and volunteer receiver networks publish it worldwide. The FAA's LADD and Privacy ICAO Address programmes reduce exposure but are not foolproof — a rotating code can be re-linked to your registration by observation. Effective privacy requires layering both programmes with registration and call-sign hygiene.
How does FBO and charter wire fraud actually happen?
An attacker compromises or spoofs one mailbox in the trip chain — a broker, handler or trip-support desk — then sends a realistic invoice or revised wire instruction timed to a real flight. Because the email arrives in an expected thread at the expected moment, it gets paid. Prevention is procedural: out-of-band callback to a known voice for every payment or banking change.
Is in-flight wifi on a private jet secure?
The satellite link itself is generally robust; the weakness is the cabin network behind it. Most jets run a flat network where guest phones, crew devices and the principal's laptop share one segment, so a single compromised device can reach everything. Proper security means VLAN segmentation, a real firewall, always-on VPN for principal traffic and continuous monitoring.
