While you are at the airport, most people are concerned with physical security threats. What about the hidden risks? Cybersecurity puts most consumers at risk, and they do not even realize it. Technology has made the whole airport experience more streamlined, but at the same time, giving hackers more opportunities to steal information.
I personally have used airline apps to book my flight. I did not take a checked bag since it was a quick trip. I skipped the ticket counter and headed straight to the TSA security checkpoint with my mobile boarding pass and carry-on bag. The TSA checkpoint is the only point I was required to show identification. Once I got to my gate, the flight crew scanned my mobile pass on my smartwatch and allowed me to board. My whole airport experience was hastened with hands-free technology, but what cybersecurity did I put myself through without even realizing it?
In 2016, aviation systems had 1,000 cyber-attacks each month (Spero, 2018). With 19,633 airports in the U.S. alone, you can quickly see the wide range of opportunities hackers have to exploit. A recent report found that 97% of the world’s largest airports had cybersecurity vulnerabilities (Spero, 2018). Hackers know that people sometimes have long layovers and will try to connect to free Wi-Fi hotspots to watch movies or catch up on work. Rogue hotspots are Wi-Fi access points set up by attackers in attempts to steal credit card information or other personal data (Willemsen & Cadee, 2018). The rogue hotspots will be disguised as an actual airport Wi-Fi name, so many people do not realize that their information is being stolen. Another security threat is airline mobile applications. It was found that 100% of the applications had at least two vulnerabilities. These vulnerabilities include privacy issues, external software frameworks, and 33.7% of the applications not even equipped with encryption (Craiger, 2021). There are no security standards for these applications currently.
 |
| Note. Table from (Craiger, 2021). |
The airport’s infrastructure also has risks for cybersecurity. Many times, third parties are the ones who install the software. They will often add new software to the old, outdated equipment making the systems obsolete (Willemsen & Cadee, 2018). In 2016, Vietnam Airlines’ systems went down from hackers, and they had to do everything by hand causing delays (Spero, 2018).
TSA has 20 layers of U.S. aviation security (Federal Aviation Administration, 2017). Some of these layers such as the intelligence teams, pre-screening, and security officers are all tackling the cybersecurity threat. For example, security officers keep an eye out for open ethernet ports and any devices that are left unoccupied (Craiger, 2021). What else can be implemented to cut down on the airport cybersecurity threat? Travelers should be overly cautious with connecting to airport Wi-Fi and using mobile applications. Hackers will go to great lengths to steal personal information. If anyone sees something suspicious, they should report it. Another measure that should be taken is that airlines should have a set standard for minimum security encryptions and routine software checks for any leaks. Third-party companies should also be held accountable for audits of their systems to ensure everything is running smoothly. Everyone can play a part in airport cybersecurity.
Resources
Craiger, P. J.[NCyTE Center]. (2021, June 20). National Airspace System and Airport Cybersecurity (3 of 3) [Video]. YouTube. https://www.youtube.com/watch?v=ziAvyNYNZBA
Federal Aviation Administration. (2017, August 1). Inside look: TSA layers of security. Inside Look: TSA Layers of Security | Transportation Security Administration. Retrieved August 26, 2022, from https://www.tsa.gov/blog/2017/08/01/inside-look-tsa-layers-security
Spero, J. (2018). Digital-keen customers put airport cyber security at risk. FT. Com, http://ezproxy.libproxy.db.erau.edu/login?url=https://www.proquest.com/trade-journals/digital-keen-customers-put-airport-cyber-security/docview/2072386187/se-2
Willemsen, B., & Cadee, M. (2018). Extending the airport boundary: Connecting physical security and cybersecurity. Journal of Airport Management, 12(3), 236–247.
No comments:
Post a Comment