Forwarded from: Drew Williams <drew928sat_private> Good article by Kevin on the FAA getting hacked. I hope the FAA realizes its vulnerabilities stem far beyond those of a couple of kids and some passenger screening protocols. Last year some of our Security folks (from a major IT Security company for whom I work), visited the FAA and discussed the simple problems of viruses, and how they could corrupt those very servers that control the flight patterns. Because of pricing-per-server, the FAA employs a very cheap and hardly reliable brand of anti-virus technology, which has been documented as not even close to a top-five contender. This worries a lot of people--especially those of us in IT security who have to fly every week. I hope the FAA will make some changes in how they view their infrastructure--not just how they look at little old ladies getting "randomly" screened at the gates. --- InfoSec News <isnat_private> wrote: > http://www.theregister.co.uk/content/55/25029.html > > By Kevin Poulsen, SecurityFocus Online > Posted: 26/04/2002 at 06:54 GMT > > Hackers were able to penetrate a Federal Aviation Administration > system earlier this week and download unpublished information on > airport passenger screening activities, federal officials confirmed > Thursday. > > Styling themselves "The Deceptive Duo," the hackers on Wednesday > publicly defaced an FAA server used by what was the administration's > Civil Aviation Security organization, which until recently was > responsible for supervising passenger screening at U.S. airports. > There, the intruders posted a mission statement vowing to expose > America's poor state of cyber security for the good of the nation. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Sat May 04 2002 - 07:20:17 PDT