Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

10:30 AM
Edy Almer
Edy Almer
Connect Directly
E-Mail vvv

Airports & Operational Technology: 4 Attack Scenarios

As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.

Finding and fixing vulnerabilities across airport operational technology networks may not be sexy, but the damage and confusion a successful attack can cause is nothing short of sensational. These critical airport systems include baggage control, runway lights, air conditioning, and power, and they're managed by means of network-connected digital controllers. They are much less organized than conventional IT networks, are rarely monitored as closely, and are often left untouched for years.

It's an emerging threat that has sparked the attention of dozens of airport CISOs we speak with regularly. Their concerns run the gamut from the mundane to straight out of the movies. Here are four risk vectors we hear about often:

Threat 1: Baggage Handling
Baggage-handling systems consist of an intricate latticework of automatic conveyor belts that ensure that both person and luggage arrive together at the same destination. Because they are the most customer-facing OT system found in airports, they're a common target. For a variety of reasons, checked bags are regularly tagged for extra security checks. A malicious actor can easily hack into the baggage-handling system to either redirect a bag to another flight or prevent it from being subject to a secondary security check in order to smuggle something illicit or dangerous onto the plane. 

These systems are extremly attractive targets for an attack because they can be executed remotely; the attacker wouldn't even need to board the plane. All that's required is  for a single person to fall for a simple phishing email and an attacker can introduce OT-specfic malware into the airport network. This malware will find its way to the baggage handling system to execute the attack.

Threat 2: Aircraft Tugs
Most planes can't reverse or maneuver safely or efficiently on the ground without using aircraft tugs (the airplane equivalent of tugboats). Tugs are usually vehicles that latch on the wheel bar or axle and are essential to do the kind of maneuvering needed to back a plane into the gate to connect the jet bridge and other deplaning equipment. Many modern tugs are wireless, and there's a huge push to make all next-gen tugs wireless, driverless, and OT and IT connected.

Attackers could potentially hijack a tug's weight sensors and back a large jet into a gate at the velocity used for a small plane, causing it to crash through the wall of the airport. Creative attackers could also hack these systems for other purposes beyond physical damage, which is likely why CISOs frequently mention this risk vector. 

Threat 3: De-icing Systems
De-icing is a routine maintenance function that is performed on the ground. Planes need to be de-iced because at typical cruising altitudes, around 35,000 feet, temperatures dip as low as minus 60 degrees Fahrenheit. To prevent ice from forming on the wings, body, and other critical mechanical structures, a special chemical treatment is applied to the outside of the plane.

The liquid chemicals used for de-icing are stored at on-site facilities. These facilities use OT devices to regulate and maintain the composition of de-icing chemicals. If those systems were attacked and the composition of the solution altered, this could easily cause ice to form on the body of a plane. Even a single millimeter of ice can dramatically affect the aerodynamics and ability of a plane to maneuver. Tampering with the aerodynamics of a plane by hacking into de-icing systems is one way to cause it to crash without loading explosives onto it, which is likely why as obscure a risk vector as it is, de-icing systems are often one of the first OT systems airports monitor.

Threat 4: Fuel Pumps
When planes are refueled at airports, this is done either by fuel trucks or hydrants that pump gas from storage tanks in the ground. These storage tanks, known as "fuel farms," are connected via a sprawling network of underground pipes that use OT systems to regulate the valves, controls, and equipment used to store, transfer, and dispense various types of jet fuel used by commercial aircraft.

An attacker could, for example, hack into a fuel farm, causing the wrong type or mixture of fuel to be pumped into a plane, resulting in anything from engine problems to an explosion.

These are not theoretical risks — chances are an airport you frequent is susceptible to one or more of the above attacks. However, especially in light of the recent Boeing 737 plane crashes, it's important that we don't lapse into fearmongering. These networks are not exposed because airport cybersecurity teams are asleep at the wheel. In fact, the only reason we even know about them is because they're making it a priority to address them in what we observe to be a thoughtful, responsible manner. And that's a good thing.

Related Content:



Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Edy Almer leads Cyberbit's product strategy. Prior to joining Cyberbit, Almer served as vice president of product for Algosec. During this period the company's sales grew by over four times in five years. Before Algosec, Almer served as vice president of marketing and ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
5/10/2019 | 12:55:41 AM
Take extra step
We can now safely say that there is always a silver lining behind every dark cloud. Companies are now taking the extra step to ensure that security is guaranteed at their firm after major data breaches keep occuring over the years at several establishments.
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-06
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the...
PUBLISHED: 2021-05-06
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gai...
PUBLISHED: 2021-05-06
emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.
PUBLISHED: 2021-05-06
** UNSUPPORTED WHEN ASSIGNED ** The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode wh...
PUBLISHED: 2021-05-06
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.