Airport cybersecurity is crucial for guarding our personal data – not to mention our lives. But the aviation industry rarely meets basic security standards. When it comes to protecting its cyber systems from attack, they've dropped the ball.
In 2020, Swiss researchers identified “massive cybersecurity risks” at 97 of the world’s top 100 airports. Actually, only three of the world’s airports (in Amsterdam, Dublin, and Helsinki) achieved an A+ rating.
Common airport cybersecurity problems
Cybersecurity in airports is often poor. In fact, one in four airports having received an F rating for issues like:
- Using outdated software with known and exploitable vulnerabilities in WordPress or jQuery systems.
- Failing to use Secure Sockets Layer (SSL) encryption between servers and clients.
- Running old, now-obsolete versions of encryption software such as SSLv3.
- Failing to secure mobile apps, fix known vulnerabilities, and encrypt outgoing data.
- Losing highly confidential data like financial records and passenger ID information to the Dark Web.
- Storing sensitive data on unprotected public clouds.
- Falling short of the EU’s General Data Protection Regulation (GDPR) compliance standards.
- Failing to comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements.
How to improve airport cybersecurity
The above issues are just the start. Data security in airports should include a continuous security monitoring system.
It must use anomaly detection to identify phishing attempts, password reuse attacks, and all other intrusions in real time.
Because today’s digital nature, an online presence can weave across multiple parties and platforms. So it's important to take a holistic approach to maintain visibility of digital assets and attack surfaces.
The small percentage of truly secure airports conduct in-depth audits of all vendors and third-party suppliers. This ensures they are equipped to mitigate complex risks.
Finally, you must train personnel in all security matters. Particularly, how the email and apps they use at work can compromise security.
Are you looking for greater security measures?
Organizations like Coro work with international airports to provide top-level support.
We use robust security standards provided by the National Institute of Standards and Technology, the International Organization for Standardization, and the Civil Aviation Organization.
Our founders boast over 25 years of experience across the tech world. We are committed to implementing cybersecurity solutions that deal with modern challenges and the threats of tomorrow. Contact us for more information. We operate globally.