[ISN] IG: Air traffic control system vulnerable to cyberattack

From: InfoSec News <alerts_at_private>
Date: Thu, 7 May 2009 00:33:19 -0500 (CDT)

By Kathleen Hickey
May 06, 2009

The Federal Aviation Administration’s air traffic control system is 
vulnerable to cyberattacks via Web applications that support the system, 
according to a new report released by the Transportation Department’s 
Office of Inspector General (OIG).

“In our opinion, unless effective action is taken quickly, it is likely 
to be a matter of when, not if, [air traffic control] systems encounter 
attacks that do serious harm to [air traffic control] operations,” wrote 
Rebecca Leng, DOT’s assistant inspector general for financial and 
information technology audits, in the report.

Reps. John Mica (R-Fla.) and Tom Petri (R-Wis.) requested the report, 
titled “Review of Web Applications Security and Intrusion Detection in 
Air Traffic Control Systems.”

The satellite-based air traffic control system is heavily reliant on 
commercial software and IP-based technology. Among the auditors’ 


LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information
Received on Wed May 06 2009 - 22:33:19 PDT

This archive was generated by hypermail 2.2.0 : Wed May 06 2009 - 22:49:44 PDT