Have hackers got into the air traffic control system?
A new audit by the Department of Transportation’s Inspector General is raising questions about the security of the Federal Aviation Administration’s computer systems, which could potentially affect air traffic control systems. However, you need to read the fine print.
The audit found that several of the administrative systems, such as personnel records and whatnot were vulnerable in the FAA computers. While ATC systems are independent and separate, what it appears to be is a case of a person creating some ‘record’ (like an ID card) that would allow them physical access to an ATC center where they could then do a bit of damage. The IG also criticized FAA for not having proper monitoring systems to oversee their computer systems. For example:
- Unauthorized access was gained to information stored on Web application computers associated with the Traffic Flow Management Infrastructure system, Juneau Aviation Weather System, and the Albuquerque Air Traffic Control Tower;
- Unauthorized access was gained to an ATC system used to monitor critical power supply at six en route centers;
- Vulnerability found on Web applications associated with the Traffic Flow Management Infrastructure system was confirmed, which could allow attackers to install malicious codes on FAA users’ computers.
We tested 70 Web applications, some of which are used to disseminate
information to the public over the Internet, such as communications frequencies
for pilots and controllers; others are used internally within FAA to support eight
ATC systems.3 Our test identified a total of 763 high-risk, 504 medium-risk, and
2,590 low-risk vulnerabilities,4 such as weak passwords and unprotected critical
file folders.
Related posts:
- Military spent $100 million fighting hackers in six months and cost is going up. There is an interesting pice today from CNN. The...
- NSA / DHS moves cybersecurity battlefield to the ISPs rather than government servers with Einstein 3 rollout. NSA and DHS moves cybersecurity FEBA (Forward Edge of the...
- Hackers did not get any good data on F-35 Strike Fighter program Pentagon officials are playing down reports that sensitive data on...
- Could the Posse Comitatus Act affect the Pentagon’s Cyber Command? Well, it’s just a theory I’m thinking about right now....
- NSA to screen civilian computer networks–AT&T first taker for Einstein 3 The Obama administration is going to announce that they will...
Related posts brought to you by Yet Another Related Posts Plugin.
