ACI EUROPE Open Letter calls for stronger collective cybersecurity resilience against emerging AI threats linked to “Mythos”

Europe’s airports have warned that the emergence of “Mythos”-class artificial intelligence cyber capabilities marks a significant escalation in the global cyber threat landscape and requires immediate action across the airport ecosystem.

In an open letter published this month, ACI EUROPE highlighted that airports operate within highly interconnected environments involving airlines, ground handlers, software vendors, cloud providers and industrial systems – meaning vulnerabilities anywhere in the supply chain can have far-reaching operational consequences.

The association called on technology partners, managed service providers and software suppliers supporting airport operations to urgently strengthen their cybersecurity resilience against AI-enabled threats capable of autonomously identifying and exploiting vulnerabilities at unprecedented speed and scale.

ACI EUROPE outlined a series of priority measures, including:

• reduced attack surface exposure and reinforced zero-trust security principles,
• risk-based vulnerability management processes,
• stronger software supply chain security aligned with the EU Cyber Resilience Act,
• transparent vulnerability disclosure and rapid remediation mechanisms,
• the establishment of a Software Bill of Material (SBOM),
• automated defensive security testing and the use of advanced AI-enabled detection tools,
• robust resilience and recovery capabilities.

Within the letter, Olivier Jankovec, ACI EUROPE Director General, said ‘the aviation sector has always demonstrated resilience in the face of evolving risks. With the right level of cooperation, transparency, and shared responsibility across the entire ecosystem, airports remain confident in their ability to adapt to this new cybersecurity environment.’

Find the full open letter below.

• Open Letter on the Emergence of “Mythos”-Class AI Cyber Capabilities