Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/10/2010
03:55 PM
John Foley
John Foley
Commentary
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Feds Respond To Air Safety Threats

A series of recent incidents have prompted air transportation officials in the United States to outline new security measures, just as millions of people book flights and begin packing for the Thanksgiving travel rush.

It’s a nerve-racking time for air travelers. The “mystery missile” that appeared off the coast of California this week is the latest in a series of incidents that are cause for alarm. The Department of Homeland Security, the FAA, and the TSA are all taking steps to improve air safety, but there are no fast or easy fixes.

It’s unclear if the projectile spotted on Nov. 8 west of Los Angeles was a missile or something else. Some experts speculate that the plume of smoke recorded by a news helicopter was the vapor trail of a jet. The Department of Defense hasn’t been able to explain it, but a Pentagon official today agreed that it was mostly likely jet vapor, according to CBS News. Either way, unknown objects streaking across the sky can’t be good for air safety or passenger peace of mind.

Less than two weeks ago, U.S. intelligence and Homeland Security officials were scrambling to avoid catastrophe when two homemade bombs -- packaged in printer ink-cartridges and originating in Yemen -- were discovered on cargo flights. London police disclosed today that one of the bombs was timed to explode over the eastern United States. (Notably, the packages were reportedly transported out of Yemen on passenger jets.)

The same day those bombs were discovered, Oct. 29, a man in his early 20s boarded an Air Canada flight in Hong Kong disguised as elderly man. There’s no indication that the man had terrorist intentions (CNN reports he sought refugee protection), but the episode exposed yet another hole in airport security.

Air transportation authorities in the United States are rushing to plug those holes. On Nov. 8, DHS secretary Janet Napolitano outlined a series of measures, including “enhanced screening” and “layered detection,” related to air cargo coming into the U.S. Effective immediately, tone and ink cartridges over 16 ounces are banned from all passenger flights, both in carry-on and checked luggage.

TSA administrator John Pistole recently shared his own list of action items. They include boosting TSA’s counterterrorism capabilities through intelligence and new technologies such as the Advanced Imaging Technology systems -- a.k.a. body scanners -- being deployed in U.S. airports. Of course, body scanners haven’t exactly been a hit with the American public, or pilots or flight attendants for that matter, amid privacy and safety concerns. Earlier this week, John Holden, science advisor to President Obama, released a detailed response to questions over the level of x-ray radiation emitted from the systems.

For its part, the FAA has proposed that new safety management systems be required for commercial airlines. The idea is to develop a formal approach to “managing safety” in the areas of policy, risk management, safety assurance, and promoting safety. The proposal calls on airlines to implement the systems within three years.

It’s almost impossible to discuss air safety without causing some degree of anxiety among the traveling public. The latest “FAA Safety Briefing, a which reports on the general aviation, or small plane, industry, includes articles on “When the best made plans go awry” and “How to survive an aviation emergency.” There’s also a “Top 10” list of causes for fatal accidents in general aviation. Number one: loss of control during maneuvering in flight.

You might think that these close calls in the skies would cause travelers to fly less, but you would be wrong. The Air Transport Association of America forecasts that 24 million people, a 3.5% increase over last year, will travel on U.S. airlines during the extended 12-day Thanksgiving holiday. ATA encourages travelers to pack light, use its mobile app for airport updates, and to leave plenty of time for security screening.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22675
PUBLISHED: 2021-05-07
The affected product is vulnerable to integer overflow while parsing malformed over-the-air firmware update files, which may allow an attacker to remotely execute code on SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, C...
CVE-2021-22679
PUBLISHED: 2021-05-07
The affected product is vulnerable to an integer overflow while processing HTTP headers, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK v...
CVE-2020-14009
PUBLISHED: 2021-05-07
Proofpoint Enterprise Protection (PPS/PoD) before 8.17.0 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipar...
CVE-2021-21984
PUBLISHED: 2021-05-07
VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution vulnerability due to an unauthorised end point. A malicious actor with network access may exploit this issue causing unauthorised remote code execution on vRealize Business for Cloud Virtual Appliance.
CVE-2021-26122
PUBLISHED: 2021-05-07
LivingLogic XIST4C before 0.107.8 allows XSS via feedback.htm or feedback.wihtm.