Non-Subscriber Extract
Cyber-security looms large for ATC
By Alan Osborn, Ben Vogel and Paul Cochrane
30 June 2009
One of the aviation industry's worst nightmares – the theft of credentials to access a major airline's Citrix computer system by a criminally controlled server – was uncovered in May 2008 by US-based Internet security company Finjan.
"The server contained a lot of stolen data, including the credentials to log in to a well-known US airline and access Citrix, which enables airlines to provide remote access to their database for employees," says Yuval Ben-Itzhak, Finjan's Israel-based chief technology officer. "Once you log in it's equal to accessing the backbone of the airline and you can access all the internal systems. This is not something that might happen, it's happened."
The data that airline companies hold in their systems, such as flight schedules, flight plans and passenger lists, has a lot of value for cyber-criminals, adds Ben-Itzhak. They could use it themselves or store it and then sell it. "Just imagine if a terrorist bought the credentials," he tells Jane's .
According to Finjan, the airline's log was accessed freely, "including the airline's passenger and cargo lists, flight schedules, timetables, security measures, as well as its financial data". Finjan says that the airline concerned provided passenger and cargo air transportation services to international airlines, freight forwarders, international leisure tour operators and cruise ship companies.
This case has been taken up by the US law enforcement authorities and little has been made public about the methods used. Generally the US air traffic control (ATC) system, in common with those in many other countries, has not been subjected to criminal or terrorism attacks, although this may be changing.