Oh Really? DoT IG Thinks ATC Vulnerable To Hackers | Aero-News Network
Aero-News Network
RSS icon RSS feed
podcast icon MP3 podcast
Subscribe Aero-News e-mail Newsletter Subscribe

Airborne Unlimited -- Most Recent Daily Episodes

Episode Date

Airborne-Monday

Airborne-Tuesday

Airborne-Wednesday Airborne-Thursday

Airborne-Friday

Airborne On YouTube

Airborne-Unlimited-07.07.25

Airborne-NextGen-07.08.25

AirborneUnlimited-07.09.25

Airborne-FlightTraining-07.10.25

AirborneUnlimited-07.11.25

Thu, May 07, 2009

Oh Really? DoT IG Thinks ATC Vulnerable To Hackers

OK, In This Day And Age... Who Isn't?

A report (FI-2009-049) from the Department of Transportation's office of the Inspector General is raising the alarm over the potential vulnerabilities of the nations air traffic system to damage and interference by hackers.

The IG's Office claims that, "we issued our report on Federal Aviation Administration (FAA) web applications security and intrusion detection in air traffic control (ATC) systems, requested by the Ranking Minority Members of the full House Transportation and Infrastructure Committee and its Aviation Subcommittee. The objectives of this performance audit were to determine whether (1) web applications used in supporting ATC operations were properly secured to prevent unauthorized access to ATC systems, and (2) FAA’s network intrusion–detection capability was effective in monitoring ATC cyber–security incidents."

The IG adds that, "We found that web applications used in supporting ATC systems operations were not properly secured to prevent attacks or unauthorized access. During the audit, our staff gained unauthorized access to information stored on web application computers and an ATC system, and confirmed system vulnerability to malicious code attacks. In addition, FAA had not established adequate intrusion–detection capability to monitor and detect potential cyber security incidents at ATC facilities. The intrusion–detection system has been deployed to only 11 (out of hundreds of) ATC facilities. Also, cyber incidents detected were not remediated in a timely manner."

The report explains a bit more about their concerns by stating that 'The need to protect ATC systems from cyber attacks requires enhanced attention because the Federal Aviation Administration (FAA) has increasingly turned toward the use of commercial software and Internet Protocol (IP)1-based technologies to modernize ATC systems. While use of commercial IP products, such as Web applications,2 has enabled FAA to efficiently collect and disseminate information to facilitate ATC services, it inevitably poses a higher security risk to ATC systems than when they were developed primarily with proprietary software. Now, attackers can take advantage of software vulnerabilities in commercial IP products to exploit ATC systems, which is especially worrisome at a time when the Nation is facing increased threats from sophisticated nation-state-sponsored cyber attacks.'

FMI: www.oig.dot.gov/StreamFile?file=/data/pdfdocs/ATC_Web_Report.pdf

Advertisement

More News

NTSB Final Report: Aviat A1

Airplane Bounced About 3 Ft Then Touched Back Down And Then, With No Brakes Applied, The Airplane Began Veering To The Left Analysis: The pilot entered the airport traffic pattern >[...]

ANN's Daily Aero-Linx (07.08.25)

Aero Linx: British Microlight Aircraft Association (BMAA) The primary focus within all aviation activity is SAFETY. In all aspects of our sport SAFETY must come first, whether it b>[...]

Classic Aero-TV: Fly Corvair’s Reliable Engine Alternative

From SnF25 (YouTube Edition): William Wynne Builds Practical Aircraft Engines on the Corvair Platform Seeking an affordable alternative to the traditional aircraft engine options, >[...]

ANN FAQ: Contributing To Aero-TV

How To Get A Story On Aero-TV News/Feature Programming How do I submit a story idea or lead to Aero-TV? If you would like to submit a story idea or lead, please contact Jim Campbel>[...]

Classic Aero-TV: CiES Fuel-Quantity and e-Throttle Systems Praised

From 2023 (YouTube Edition): Bridge of CiES CiES Inc. is a Bend, Oregon-based designer and manufacturer of modular embedded aircraft systems and sensors. The company’s fuel-l>[...]

blog comments powered by Disqus



Advertisement

Advertisement

Podcasts

Advertisement

© 2007 - 2025 Web Development & Design by Pauli Systems, LC