Friday, March 6, 2015

U.S. Air Traffic Control computers vulnerable to hackers





The U.S. system for guiding planes is open to vulnerabilities from outside hackers, according to the Government Accountability Office.

The weaknesses that threaten the FAA’s ability to ensure flight safety include a failure to patch known three-year-old security holes, the transmission and storage of unencrypted passwords, and the continued use of "end-of-life" key servers.

The GAO said that problems within the system that monitors up to 2,850 flights at a time means the air traffic system is exposed to an "increased and unnecessary risk of unauthorized access, use or modification that could disrupt air traffic control operations." The report also said the FAA "did not always ensure that sensitive data were encrypted

when transmitted or stored," including stored passwords and "authentication data."

The public's safety is in jeopardy until there's a fix to the system used at approximately 500 airport control towers, the GAO said.

"Until FAA effectively implements security controls, establishes stronger agency-wide information security risk management processes ... the weaknesses GAO identified are likely to continue, placing the safe and uninterrupted operation of the nation's air traffic control system at increased and unnecessary risk."

For more of the Ars Technica story: arstechnica.com


More Techwire stories

Samsung building biggest boxship in the world for MOL

GE makes breakthrough in RFID sensors that detect explosives

Pelindo III signs agreement to enhance IT at ports

New German research ship deploys Global Navigation Solutions software