Real risk that attackers could start “aiming attacks at the airports directly to disrupt critical national infrastructure.”
More than one in five websites operated by airports contain publicly known and exploitable vulnerabilities, while 97 percent still use some form of outdated web software, according to a new report by Switzerland-based web security company ImmuniWeb.
The company, which tested the cybersecurity of 100 of the world’s largest airport’s websites, found a mishmash of vulnerable web applications, misconfigured clouds and code repository leaks among other worrying security issues reported this week.
A worrying 71 airport websites were found to have serious security vulnerabilities that could be exploited by hackers.
Out of the 100 airport websites tested only three received a clean bill of health; Amsterdam Schiphol, Helsinki-Vantaa, and Dublin Airport.
During their testing the researchers found that only 45 out of the 100 websites are running web application firewall software.
With regards to GDPR legislation 76 of the websites were found to be in breach, the firm suggested, with three exposing AWS S3 public cloud storage buckets containing sensitive data to the public.
Ilia Kolochenko, CEO of ImmuniWeb, said: “Given how many people and organizations entrust their data and lives to international airports every day, these findings are quite alarming…
“Cybercriminals may well consider attacking the unwitting air hubs to conduct chain attacks of travellers or cargo traffic, as well as aiming attacks at the airports directly to disrupt critical national infrastructure.”
In 2018, the UK’s Bristol Airport was hit by a ransomware attack that knocked its in-house passenger information display systems offline, forcing staff to manually write out all flight information on whiteboards.
The airport claims that no security-critical systems were breached during the incident, but it did highlight how easily an airport could be disrupted by a cyber attack.
— Julieanne McMahon (@julieanne_mc) September 14, 2018
Kolochenko notes that: “Today, when our digital infrastructure is extremely intricate and intertwined with numerous third-parties, holistic visibility of your digital assets and attack surface is pivotal to ensure the success of your cybersecurity program. Without it, all your efforts and spending are unfortunately vain.”