Earlier this month, the Government Accountability Office reported that U.S. air traffic control is susceptible to the threat of hackers. For three years, the Federal Aviation Administration has been aware of unencrypted password and transmission storage and had failed to fix known vulnerabilities. In addition, the FAA continues to use servers beyond end of life.
As reported by NPR, FAA administrator Michael Huerta countered the GAO's findings in front of a House panel last week. He maintained the safety of the air traffic control computer system and stated that the agency is taking steps to further protect their computer system from permeability.
In spite of FAA efforts, the GAO report highlighted the agency's weaknesses in sensitive data encryption and user authentication. Further, GAO lists as another fault the FAA's shaky control of access to sensitive data.
FAA air traffic control operations include more than 46,000 personnel managing thousands of flights each day. Among the legislators who called for the GAO report is Oregon Rep. Peter DeFazio, who voiced concern regarding the possibility of a terrorist breach at a House Transportation subcommittee hearing.
According to NPR, the GAO has classified most of its findings, but the agency's public report concludes,"While the Federal Aviation Administration (FAA) has taken steps to protect its air traffic control systems from cyber-based and other threats, significant security control weaknesses remain, threatening the agency's ability to ensure the safe and uninterrupted operation of the national airspace system (NAS)."
For the threat of a data breach on such a large scale, the greatest protection lies in employing big data analytics to monitor information and catch intrusions before any serious damage is done. Proper security information management could literally be a lifesaver.
Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. Firebreak, when your firewall fails.