- Researchers have outlined how attackers can compromise almost every system used in aviation including access control systems, Check-ins, WiFi, baggage systems, flight displays, CCTVs, and HVAC.
- Apart from these, the airside security systems, airside concessions, airside vehicles, airside RF systems, docking systems, briefing systems, pushback tugs, and gate link systems were also found to be vulnerable.
What is the issue?
Researchers from Pen Test Partners have tested a wide selection of systems and controls used in airports and described how vulnerable airports may be to attacks.
The detailed picture
Researchers have outlined how attackers can compromise almost every element and system used in aviation.
- Access Control Systems - Researchers noted that access control systems such as aircrew access pass can be cloned through tools such as Proxmark, giving threat actors access to confidential areas in airports.
- Building Management Systems - Pen Test Partners found out that Building Management Systems (BMS) that control electronic door locks, HVAC, and industrial process controllers, among others, have bypassable authentication and remote exploits.
- HVAC - According to the researchers, the heating, ventilation, and air conditioning (HVAC) in airports are usually outsourced to third-parties, which could be a potential avenue for exploit.
- Check-in desks - The check-in desks that are rented by airlines from the airport and the software running on them are also vulnerable to attacks.
- Baggage - Researchers noted that most baggage systems either have a degree of automation or are fully autonomous and are controlled by industrial controllers such as PLCs. Therefore, baggage system interfaces are sometimes exposed to the network.
- Flight Displays and CCTV - The researchers noted that they were able to inject their own flight on to a display during the penetration test. And in the case of CCTV, they were able to recover private encryption keys.
- Airport WiFi - According to researchers, spoofing a network is successful given a large number of devices connecting to the airport WiFi.
Apart from these, the researchers also found out that airside security systems, airside concessions, airside vehicles, airside RF systems, docking systems, briefing systems, pushback tugs, and gate link systems were also vulnerable to attacks.