WestJet Cyberattack: Cracks in Aviation’s Digital Armor

A major cyberattack has rocked Canada's second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this is more than just a corporate incident. It’s the latest sign of a broader, escalating crisis in aviation cybersecurity.

In this episode, we examine the WestJet breach in the context of a rapidly evolving threat landscape. With airlines facing more than 1,000 cyberattacks each month, we unpack the critical vulnerabilities putting passenger safety, operational continuity, and public trust at risk. From DDoS attacks grounding flights at LOT Polish Airlines to phishing campaigns linked to the MH370 tragedy, history shows the aviation sector is an attractive and dangerous target.

We dive into the technical and organizational weak points—unpatched systems, insecure networks, and undertrained personnel—that attackers continue to exploit. And we explore the international standards and frameworks designed to fight back: ISO 27001, ISO 22301, ISO 27032, and the NIST Cybersecurity Framework.

Most importantly, we discuss how airlines and airports can move from reactive measures to proactive security—layered defenses, real-time detection, and rapid incident response. Whether you're in cybersecurity, aviation, or simply a frequent flyer, this episode breaks down why the WestJet incident is a loud alarm the entire industry must heed.

🔐 Key Talking Points:

• What we know about the June 2025 WestJet cyberattack
• Aviation’s unique cybersecurity vulnerabilities
• Lessons from past incidents (LOT, Malaysia Airlines, etc.)
• How global frameworks like ISO and NIST can strengthen defenses
• Why personnel training is just as critical as technical tools