The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world incidents and relevant literature while mapping risks to the MITRE ATT&CK Matrix, a widely recognized knowledge base for categorizing cyberattack tactics, techniques, and procedures. This work is the first to apply the MITRE ATT&CK Matrix to airport security risks, offering a novel approach to understanding and mitigating these challenges. Building on this analysis, the paper advocates for modern cybersecurity defense models, emphasizing Cybersecurity Frameworks and Zero Trust Architecture, as well as critical measures for supply chain risk management and strategies to mitigate ransomware and DoS attacks. Our analysis provides insights into vulnerabilities and actionable recommendations, serving as a comprehensive guide for aviation stakeholders to strengthen defenses against evolving cybersecurity threats.