Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / FAA Vulnerable to Cyberattacks
Federal Aviation Administration Vulnerable to Cyberattacks
Federal Aviation Administration Vulnerable to Cyberattacks
By Jef Cozza / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MARCH
09
2015
A U.S. senator says the Federal Aviation Administration (FAA) is in dire need of a security upgrade. Without major changes to the agency’s computer systems, it will remain vulnerable to attacks from hackers, foreign governments, and terrorist organizations, according to Senator Chuck Schumer, a Democrat from New York.

The FAA is responsible for the country’s network of air traffic controllers through the National Air Traffic Control System and security breach could spell disaster for U.S. air travel, he said. Schumer based his comments on findings by the Government Accountability Office (GAO), the agency responsible for auditing and monitoring the federal government’s various organizations, according to the New York Daily News.

Weaknesses in Air Traffic Control

“If they were able to hack the system, thousands of planes could be in the air unguided. Sophisticated terrorists could even steer planes into one another,” Schumer said.

In January, the GAO issued a scathing 46-page report detailing the security failings it found at the FAA in a document titled “FAA Needs to Address Weaknesses in Air Traffic Control Systems.” The GAO listed 168 different actions that the FAA should take to better protect itself from a malicious breach.

The FAA relies on the National Airspace System (NAS), a critical component of the nation’s transportation infrastructure, according to the GAO report. “Given the critical role of the NAS and the increasing connectivity of FAA’s systems, it is essential that the agency implement effective information security controls to protect its air traffic control systems from internal and external threats," according to the report.

Congress asked the GAO to review the FAA’s information security program to evaluate the extent to which it had effectively implemented information security controls to protect its air traffic control systems. The GAO said that it reviewed FAA policies, procedures, and practices and compared them to the relevant federal law and guidance and assessed the implementation of security controls in FAA systems.

Increased and Unnecessary Risk

According to the report, the GAO found significant weaknesses in controls intended to prevent, limit, and detect unauthorized access to computer resources, such as controls for protecting system boundaries, identifying and authenticating users, authorizing users to access systems, encrypting sensitive data, and auditing and monitoring activity on the FAA’s systems.

Additionally, the report found major shortcomings in the way that the agency maintained its boundary protection controls between less-secure systems and those vital to the NAS. The GAO accused the FAA of failing to implement an agency-wide information security program, as required by the Federal Information Security Management Act of 2002. According to the report, the FAA has not sufficiently tested its security controls to determine if they were operating as expected.

“Until FAA effectively implements security controls, establishes stronger agency-wide information security risk management processes, fully implements its NAS information security program, and ensures that remedial actions are addressed in a timely manner, the weaknesses GAO identified are likely to continue, placing the safe and uninterrupted operation of the nation’s air traffic control system at increased and unnecessary risk,” the GAO wrote in its report.

The FAA, for its part, does not seem to be resisting the GAO’s recommendations, saying that it agrees with the course of action laid out in the report.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.
--- 441