It’s a sure bet that Michelle Obama and Mel Gibson never expected to see their credit reports posted on a Russian website. And it’s unlikely the Chinese government believed itself vulnerable to systematic cyber-espionage. But Obama and Gibson’s credit reports did show up online and the Chinese government was indeed a victim of cyber espionage. It appears no one is truly safe from cyber attack.
While the attacks were not aimed at U.S. critical infrastructure (water, power, communications and transportation systems), it is likely that hackers routinely probe these systems for weaknesses and vulnerabilities.
A growing number of overseas examples in which critical infrastructure has been targeted underscore that this possibility exists. In 2012, an attack against Saudi Arabia’s state-owned oil company, Saudi Aramco, destroyed more than 30,000 computers. Though the hackers attacked Saudi Arabian infrastructure, their message toward the United States was abundantly clear: as each computer was infected, a burning American flag illuminated the screen. And Stuxnet, a computer worm discovered in June 2010, attacked Iran’s nuclear facilities by targeting their Siemens software and equipment through Microsoft Windows. While it is not the first time hackers have targeted industrial systems, Stuxnet is the first worm built to spy on industrial systems as well as reprogram them.
In the air transport industry (ATI), cyber-attacks in India and South Korea and, closer to home, in Florida, show ATI is not immune to cyber threats.
But before airports can become more secure, airport directors need to identify where vulnerabilities lie. The following list is designed to help airport management pinpoint potential trouble spots. This is not an exhaustive list—cyber threats change rapidly, almost daily it seems. Airport administrators will need to review this list annually to add and remove focus areas as necessary.
Protect the “Front Door”
An airport’s communications network is the “front door” to the confidential privacy and financial information it maintains. Your email, stored documents, badge information, financial transactions, and personnel records all traverse a communications link that you, as an airport manager, probably consider incomprehensible. While you may never understand it from a technical perspective, you can and should ask your IT team the following questions (and expect answers in non-technical language):
- Do we have layered security? This is fundamental. Network security is not just about running anti-virus software on every PC. It’s all-inclusive. This means that from your desktop to the Internet, you have protection. A good follow-up question is whether or not your IT team has had an external entity perform “penetration testing.”
- Have we invested in unified threat management devices (UTMs)? UTMs are an integral part of a layered security solution and include firewalls, content filtering, VPNs (virtual private networks), and intrusion detection technologies.
- Have we secured all of our network “endpoints”? An endpoint is anything that can attach to your network, whether it’s a server or a USB drive. Pay particular attention to small portable devices, like the USB drives that are distributed by the hundreds at every airport convention. They can be carriers of threats when improperly handled.
- Have we properly “patched” our network? There are a number of routine network “housekeeping” tasks that should be part of your everyday security routine. Keeping all of your software updated is one. This includes not only Windows updates and patches for servers and clients, but also application updates and firmware upgrades on routers and switches. Many of these updates contain security fixes and patches.
Secure Your Transactions
Closely linked to your network is the security of credit card information. It requires special consideration, as a breach in this area could cost an airport millions of dollars. There are three critical questions the airport director should ask the IT team: