Without doubt, the information technology (IT) and Industrial Control Systems (ICS for its acronym in English) are fundamental to the operation and efficiency of the industrial complexes and the strategic infrastructures, such as airports.
air terminals, the availability and reliability of computer systems is critical, since upon them rests the various operations both on land and in the air space and surrounding areas. For this reason, in recent years, have been the target of attacks by cybercriminals, a trend that puts at risk not only the continuity of the operation, but the physical integrity of persons, warned Kaspersky Lab, a global company of cybersecurity.
The airports are vulnerable to cyber attacks, and not only that, the consequences of ignoring this fact can become very unpleasant, even catastrophic," explained Eugene Kaspersky, CEO of Kaspersky Lab.
unlike the corporate networks of traditional IT, where confidentiality is of the utmost priority, the systems ICS require continuity and flawless consistency of the technological process.
Just by installing a security software does not mean that the industrial network is protected. Internal processes, technologies and equipment should be analyzed; it is needed to develop a threat model and a strategy of protection; the software needs to be adapted to the specific requirements of the network; specialists require training, and many more things. All of this to keep what’s most important: the continuity," added Kaspersky.
Not only updates inadequate can be problematic. Obsolescence is another major risk, since often the airports used by computers that do not prevent the interaction with the external world, or that operate with software that was created several decades ago.
For all of the above, Kaspersky Lab, in addition to recommending the implementation of a comprehensive system of cyber security, advises airports to adopt a cyber culture, where each one is responsible for his actions and understands how to use the principles of cyber security in their daily operations.
warning Signs
In June of 2015, the national airline of Poland, LOT was the victim of a cyber attack in the Frederic Chopin airport in Warsaw, where his system is in charge of preparing the flight plans was violated by an interval of five hours. This caused the cancellation and postponement of a dozen domestic and international flights, as well as hundreds of passengers stranded.
despite the fact that the spokesmen of LOT commented that it was a targeted attack, experts of Kaspersky Lab suggested that it may have been the result of a human error or equipment malfunction.
Months prior to this incident, a security researcher of aviation called Chris Roberts rose to fame when he was accused of hacking into an airplane of United, because allegedly managed to access the commands of flight through the entertainment unit of your seat… as long as tuiteaba what he did!
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ?
— Chris Roberts (@Sidragon1) April 15, 2015
Cases such as these highlight the urgent need to manage cyber risk in the airport infrastructure, mainly under an approach of developing the skills of prediction and response to incidents.
No comments:
Post a Comment