Globalisation a threat to Australian airlines' security

Stephen Withers
Thursday, 31 March 2011 14:58

Business IT - Security

The CTO of an Australian IT security company has claimed that the globalisation of the Australian aviation industry presents a significant threat to security.

According to Security firm Pure Hacking, the globalisation of the Australian aviation sector posed significant threats for system security. In particular, rogue employees within airlines and airports are well placed to plant malware and conduct industrial espionage.

Pure Hacking CTO Ty Miller said "With literally thousands of machines or devices accessible, I only needed to hack one [during a scheduled penetration test of an airline network] to begin escalating my privileges that resulted in complete compromise the airline's environment. This included capturing credit cards, documents, plans, communications and databases."

He added that "[future] cyber-threats will be more diversified and take the form of multi-stage and multi-dimensional attacks that utilise and target a variety of attack tools and technologies. For example, the latest generation of web worms uses a variety of different 0-day exploits, propagation methods, and payloads to inflict physical damage." Yet the aviation sector implicitly relies on systems that require a highly secure environment.

"The stereotypical Die Hard 2 airport attack where aircraft controls can be taken over is no longer just a movie script. It's an actual reality."