How to hack an airport?

The airport is one of the most secure points in the field of transportation, where the smallest problem can endanger the lives of thousands of people, but researchers have shown by conducting an extensive study that almost all the systems and parts of the airport lack security. Cyber ​​security is at a low level and vulnerable to hacker attacks.

The advancement of technology has brought many benefits to the aviation industry, but in the meantime, we should not overlook the negative points. The use of networked systems and technology-based solutions in all sectors, from airport temperature control to the control of passenger lists and airplanes, has left many gates open to cyber attackers.

These days, connected systems have formed the heart of the aviation industry. This dependence is to such an extent that a few years ago, the disconnection of only one optical fiber cable grounded the airport and caused problems for systems such as baggage handling, passenger list checking, etc. On the first day of the opening of Imam Airport, the failure of the software system of the police force caused the formation of long queues in front of the inspection gate and the delay of flights for several hours.

Using connected systems and relying on software is not a problem in itself, but the problem comes from the insecurity of these systems, which allows hackers to hack airports and even airplanes.

Four years ago, a hacker named “Chris Roberts” connected his laptop to the network of the airline he was traveling with and He took control of one of the engines. He claimed that the purpose of this was to check traffic data and prove the security problems of the planes. Two years ago, US government officials claimed that a group of national security researchers broke into the radio systems of a Boeing 757 plane from They have hacked and controlled remotely.

Common malware and human error are not the only risk factors in the aviation industry. In fact, the configuration of the airport system is more like a colorful table open to hackers. “Pentest Partners” security institute, by examining a major part of the airport systems, found out the extensive security weaknesses in them, which we have explained in the following.

Access: The radio frequency identification (RFID) card that is used to confirm the identity of personnel, usually consists of magnetic strips and PIN codes, which can be easily accessed through tools such as Proxmark. copied the Therefore, the attackers will have the possibility to be in the sensitive areas of the airports.

The biggest challenge in this field is multiple groups with different access levels, whose identity must be identified and confirmed. For example, passengers, staff, flight crew, security forces, police, government agencies, transportation personnel, kitchen, vendors, etc. can be mentioned.

Building Management Systems (BMS): This system includes the hardware and software layers of the Internet of Things, which allows the operator to control different parts of the building and issue people’s entry permits. By purchasing a BMS from eBay and analyzing it, the security team of the institute found that some of these systems are vulnerable to remote hacking.

HVAC: “Pentest Partners” found that the airport has outsourced the management of the air conditioning department to other companies, and the contracting parties are also controlling the equipment remotely. This connection also gives hackers another window to penetrate, especially if the systems lack sufficient security.

Reception desks: Many airport reception desks are owned by airlines and the software installed in them is designed by private companies. Penetrating these software platforms also makes airport hacking possible.

Cargo handling: Most of the cargo handling systems at the airport are fully or partially automated and are managed with industrial controllers including PLC. These devices rely on the Windows operating system and are exposed to hackers due to the type of network configuration. By taking the controller out of reach or manipulating the serial data, the attacker can disrupt the cargo transportation system and cause widespread disorder in the airport.

Flight monitors: Hackers have already proven the vulnerability of these devices by breaking into the monitors at Bristol Airport. During this test, the security researchers were able to display fake information on the panels.

Surveillance cameras and Wi-Fi: The security problems of Wi-Fi networks and CCTV cameras are obvious, especially in public places. In this experiment, experts have succeeded in recovering CCTV private encryption keys. In the case of Wi-Fi, the main concern is intrusion into the network as well as connecting devices to unauthorized networks.

Security tools: In some cases, biometric data such as face scans are not automatically verified and are sent to the border guard system for identification. The infrastructure used in these cases is not separate and can be seen in the company’s networks. This issue includes scanners and x-ray machines connected to the network.

Support vehicles: According to Penn Test Partners, the vehicles that are used to support the planes at the airport are not deprived of connecting to the network. Only the fuel supply system was more or less offline, but this part is increasingly being integrated with the whole system.

At the airport, the Electronic Flight Bag is used to determine the amount of fuel required and then it is sent to the fuel machine operator via API. Based on these data, weight and balance A7″>The plane is determined along the route, as a result of which sabotage will have irreparable consequences.

Active cars in the airport area: ADS-B is used to determine the position of these cars on the radar, but the problem is that this protocol is not encrypted or validated, so the attacker sends signals Fake cars can put these cars on busy roads and cause unimaginable damage.

ILS navigation systems: These systems are used to assist landing and takeoff in adverse conditions and runway navigation. Unfortunately, it is also possible to infiltrate them. ILS is the same system that was purchased a few years ago at a cost of 40 billion tomans and was installed at Bojnord airport, but it was turned off just one month later due to the mismatch with the slope of the runway, and has been decaying ever since.

Docking systems: These tools direct the plane to its final destination after landing through infrared waves, but their security configuration is not sufficient to protect them from cyber attackers. The experts of the said institute have changed the signature of an aircraft from A380 to A320 in their investigations, which will lead to wrong navigation.

The overall complexity of the aviation industry is increasing by leaps and bounds, but this is only the outer layer, and the security principles lag far behind this development. Rapid installation of security patches, monitoring of endpoints to identify suspicious behavior and personnel training can improve the situation, but considering the continuity of processes at the airport and the failure of one part can paralyze the entire complex, these measures should not be limited. did.

Pentest Partners’ solution to prevent cyber attacks is to isolate networks, isolate systems without complete security, and comply with POLP principles to limit the access level of users based on their job description.