Airports are Terrible at Cybersecurity

It's official

Airports are (in)famous for their lengthy physical security checks, but how do they rank in terms of cybersecurity? A team of security researchers recently set out to find out once and for all by assessing the current state of cybersecurity at the world's 100 largest airports. Here's what they found: 

Only 3 Airports Received a Perfect Score
Testing was broken down into 9 categories, including web application security, firewall usage, TLS encryption, cloud security, and Dark Web exposure. While European airports made up only 33% of the airports tested (Asian airports made up the largest group with 35%), all three airports that received an A+ score are currently in the EU. The lucky winners? Amsterdam Schiphol, Helsinki-Vantaa, and Dublin Airports. For the rest of them, we've broken down the results below:

Website and Web Application Security
Nearly a quarter of main websites were found to contain "exploitable and publicly known vulnerabilities," with a further 47% containing various serious vulnerabilities. Unfortunately, barely half of the applications were protected by a web application firewall (WAF). This reluctance to deploy firewalls may be partially driven by the industry's desire to remain highly accessible to legitimate users. As we've discussed in the past, cybersecurity measures will only become effective once they become usable.

TLS encryption fared slightly better, with 53% of assets receiving an A+. Unfortunately, however, 12% were found to have "no encryption" whatsoever. When subdomains were included, only 70% received a passing grade.

Public Exposure
Interestingly, the airports were more highly exposed across code repositories (such as GitHub or Bitbucket) than on the Dark Web. Fewer than a fifth of the airports had highly confidential data exposed on the Dark Web, while a full 59% were similarly compromised via code repositories. This comes less than a month after an Amazon engineer accidentally uploaded nearly a gigabyte of sensitive data to their private GitHub account, revealing passwords and cryptographic keys to numerous AWS environments. It's no surprise then that airports share similar vulnerabilities.

Mitigation Measures
The following three techniques are proposed to mitigate the cybersecurity risks above:

1) Implement a continuous monitoring tool to detect network anomalies, intrusions, phishing attempts and brute force attacks. Any comprehensive cybersecurity strategy must incorporate automated tools for 24/7 incident detection. At Silent Breach, we've developed Quantum Armor to provide security teams with a 360° view of their security posture, every minute of the day.

2) Invest in security training for your personnel. The truth is that IT is only one component of your security strategy. In order for the security team's work to be effective, it must be backed up with a holistic, company-wide awareness of cybersecurity.

3) Implement an external application security program. Two sets of eyes are always better than one, and having an expert team of security engineers review your source code or network configurations will never go to waste. In fact, Silent Breach PenTesters have located serious vulnerabilities in 92% of applications tested to date.

Albany airport in upstate New York recently made headlines when it paid an undisclosed ransom to hackers just before the new year. But, as the 2020 WEF Report makes clear, it won't be the last major airport to do so before the end of the year. Unfortunately, cybercrime against core infrastructure is a real and present danger that is here to stay. The only question is, how will you prepare for it?

About Silent Breach: Silent Breach is an award-winning provider of cyber security services. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and IoT industries.