The airport professional's source for airport industry news, articles, events, and careers.
Issue link: http://airportbusiness.epubxp.com/i/397645
October 2014 airportbusiness 25 This headline appeared in June after a cooperative effort between the federal gov- ernment and the Center for Internet Security (CIS) thwarted a prolonged operation to spy on aviation systems at 75 U.S. airports, but not before hackers breached the networks of two of them. Authorities actually discovered this threat in 2013, when the federal government notified CIS about an advanced persistent threat (APT) targeting airports. Typically APTs involve Nation State attack- ers employing sophisticated methods to creep around a network for as long as necessary to obtain the information they seek. In this case the attackers sent spear phishing emails to aviation personnel containing vulnerabilities that the CIS reports were difficult to detect and execute. This is not a rare event; in fact it's one that is happening far more frequently than ever before. According to the annual CIS report, there were 48 significant computer security incidents in 2013, more than double the number recorded in 2012. It's also something that's striking globally. In late September, news media reported hackers broke into the server of India's largest airport operator, the Airports Authority of India, and stole crucial data including financial informa- tion, payroll data, and more. "Here's the scary part about these incidents: They are attacking and targeting airports—and nobody really knows why," says Andre Allen, information and cyber security manager at GCR Inc., an international software and technology firm in the airport space. Not only that but, according to Mark Gazit, CEO of Theta Ray, a national firm offering cyber security solutions, the average time to discover a threat is approximately 240 days. But, he adds, it can take a month or more for an organization to recover. Even more concerning are the words of Dom Nessi, deputy director/chief information officer at Los Angeles World Airports (LAWA): "I think T h e h e a d l i n e r e a d : "Nation State-sponsored Attackers Hacked Two Airports, Report Says." KEYWORDS IN CYBER SECURITY f Advanced persistent threat. An advanced persistent threat finds a hole in a network that allows hackers in so they can sit back and monitor what an airport is doing. f Cyber hygiene . Steps computer users can take to improve their cyber security and better protect themselves and their organizations online. f Malware, short for malicious software. Software that compromises the operation of a system by performing an unauthorized function or process. f Phishing (spear phishing). An attempt to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. f Virus. Computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer. COVER STORY