Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

10:30 AM
Edy Almer
Edy Almer
Connect Directly
E-Mail vvv

Airports & Operational Technology: 4 Attack Scenarios

As OT systems increasingly fall into the crosshairs of cyberattackers, aviation-industry CISOs have become hyper-focused on securing them.

Finding and fixing vulnerabilities across airport operational technology networks may not be sexy, but the damage and confusion a successful attack can cause is nothing short of sensational. These critical airport systems include baggage control, runway lights, air conditioning, and power, and they're managed by means of network-connected digital controllers. They are much less organized than conventional IT networks, are rarely monitored as closely, and are often left untouched for years.

It's an emerging threat that has sparked the attention of dozens of airport CISOs we speak with regularly. Their concerns run the gamut from the mundane to straight out of the movies. Here are four risk vectors we hear about often:

Threat 1: Baggage Handling
Baggage-handling systems consist of an intricate latticework of automatic conveyor belts that ensure that both person and luggage arrive together at the same destination. Because they are the most customer-facing OT system found in airports, they're a common target. For a variety of reasons, checked bags are regularly tagged for extra security checks. A malicious actor can easily hack into the baggage-handling system to either redirect a bag to another flight or prevent it from being subject to a secondary security check in order to smuggle something illicit or dangerous onto the plane. 

These systems are extremly attractive targets for an attack because they can be executed remotely; the attacker wouldn't even need to board the plane. All that's required is  for a single person to fall for a simple phishing email and an attacker can introduce OT-specfic malware into the airport network. This malware will find its way to the baggage handling system to execute the attack.

Threat 2: Aircraft Tugs
Most planes can't reverse or maneuver safely or efficiently on the ground without using aircraft tugs (the airplane equivalent of tugboats). Tugs are usually vehicles that latch on the wheel bar or axle and are essential to do the kind of maneuvering needed to back a plane into the gate to connect the jet bridge and other deplaning equipment. Many modern tugs are wireless, and there's a huge push to make all next-gen tugs wireless, driverless, and OT and IT connected.

Attackers could potentially hijack a tug's weight sensors and back a large jet into a gate at the velocity used for a small plane, causing it to crash through the wall of the airport. Creative attackers could also hack these systems for other purposes beyond physical damage, which is likely why CISOs frequently mention this risk vector. 

Threat 3: De-icing Systems
De-icing is a routine maintenance function that is performed on the ground. Planes need to be de-iced because at typical cruising altitudes, around 35,000 feet, temperatures dip as low as minus 60 degrees Fahrenheit. To prevent ice from forming on the wings, body, and other critical mechanical structures, a special chemical treatment is applied to the outside of the plane.

The liquid chemicals used for de-icing are stored at on-site facilities. These facilities use OT devices to regulate and maintain the composition of de-icing chemicals. If those systems were attacked and the composition of the solution altered, this could easily cause ice to form on the body of a plane. Even a single millimeter of ice can dramatically affect the aerodynamics and ability of a plane to maneuver. Tampering with the aerodynamics of a plane by hacking into de-icing systems is one way to cause it to crash without loading explosives onto it, which is likely why as obscure a risk vector as it is, de-icing systems are often one of the first OT systems airports monitor.

Threat 4: Fuel Pumps
When planes are refueled at airports, this is done either by fuel trucks or hydrants that pump gas from storage tanks in the ground. These storage tanks, known as "fuel farms," are connected via a sprawling network of underground pipes that use OT systems to regulate the valves, controls, and equipment used to store, transfer, and dispense various types of jet fuel used by commercial aircraft.

An attacker could, for example, hack into a fuel farm, causing the wrong type or mixture of fuel to be pumped into a plane, resulting in anything from engine problems to an explosion.

These are not theoretical risks — chances are an airport you frequent is susceptible to one or more of the above attacks. However, especially in light of the recent Boeing 737 plane crashes, it's important that we don't lapse into fearmongering. These networks are not exposed because airport cybersecurity teams are asleep at the wheel. In fact, the only reason we even know about them is because they're making it a priority to address them in what we observe to be a thoughtful, responsible manner. And that's a good thing.

Related Content:



Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Edy Almer leads Cyberbit's product strategy. Prior to joining Cyberbit, Almer served as vice president of product for Algosec. During this period the company's sales grew by over four times in five years. Before Algosec, Almer served as vice president of marketing and ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
5/10/2019 | 12:55:41 AM
Take extra step
We can now safely say that there is always a silver lining behind every dark cloud. Companies are now taking the extra step to ensure that security is guaranteed at their firm after major data breaches keep occuring over the years at several establishments.
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-12-03
Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector.
PUBLISHED: 2020-12-03
Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors.
PUBLISHED: 2020-12-03
GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors.
PUBLISHED: 2020-12-03
Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.
PUBLISHED: 2020-12-03
Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.