An airplane on the cover of the Coronet Insecure Airports Cloud Security Report.

The Key Takeaways from Our Insecure Airports Cloud Security Report

Dror Liwer Blog

The Key Takeaways from Our Insecure Airports Cloud Security Report

It’s been almost three months since we released our inaugural airport cloud security report, Attention All Passengers: Airport Networks Are Putting Your Devices & Cloud Apps at Severe Risk,  which identified and ranked the most insecure airports in the U.S. Since then, the response to our research and analysis has been both extensive and interesting. If you haven’t yet read the report, you can download it for free here.

The communications and IT security teams at San Diego International Airport, which we ranked as the most cyber-insecure out of the top 45 busiest airports, on several occasions attempted to discredit our research via social media posts and through local press statements. While we can certainly understand their frustration, they failed to realize that the report was not actually attacking their digital infrastructure or placing blame on their security team; rather it was providing an assessment of network and device vulnerabilities found within its confines over a period of time.

In contrast, security leaders at Newark International Airport took the opposite approach. Upon learning about and reading our report, several high-ranking officials reached out to us to learn more about what we found and how we found it. While these officials were surprised by some of what we presented to them, they were appreciative of us shining the spotlight on airport security so that they could seek new ways to better protect their workers and passengers for cyber threats. At this time, no other airports have attempted to make contact with us.

But no matter how vigilant an airport is, attackers will continue to target them, and much of their success will depend on each passengers cyber vigilance.

Why Attackers See Weaknesses at Airports 

The cybersecurity risks at airports are not going away anytime soon. Despite what we suspect will be an increase in personnel and funding in coming years, those responsible for airport cybersecurity are likely to continue to be tasked with balancing convenience and security. This is no easy task. Today, an adversary can setup any number of Wi-Fi-driven attacks, such as a Captive Portal or Evil Twin, without even being in an airport terminal, using devices legally purchased on Amazon for just $50 or $100.

While airports can take some steps to maintain the integrity of their public networks, there is nothing that IT security can do to mandate travelers comply with basic, common sense security safeguards. Unfortunately, many passengers do not have updated software installed on their endpoints to fend off attacks, and too many use unoriginal operating systems.

Without the ability to mandate that traveler’s devices meet certain security standards, all airport personnel can do is monitor their networks and respond to abnormal activity as quickly as possible. Unfortunately, however, an attack only needs to be active for a matter of seconds for it to impact a passenger, especially one whose devices are riddled with vulnerabilities.

What’s at Risk for Business Travelers

Overall, business travelers are at heightened risk of unintentionally facilitating unauthorized device access, data theft and malware/ransomware spread across their endpoints. Once devices are infected, the integrity and confidentiality of their employers’ essential cloud-based work apps, such as G-Suite, Dropbox and Office 365 are jeopardized. At the same time, all flyers are at elevated risk of connecting to unencrypted, unsecured or improperly configured networks, which can prompt identity theft, financial fraud and personal files/picture theft.

At the end of the day, airports will remain some of the most highly targeted locations because of the amount, status and caliber of people who travel through them every day. From C-suite executives and board members to politicians, celebrities and entrepreneurs, it is much easier to target such important and affluent people in an airport than it is in their hardened offices. Because of such opportunity, attackers will not shy away from airports even as airports make strides to harden their perimeters. If we know one thing for sure, it’s that a motivated attacker will find a way.

To help mitigate the risk to travelers, our SecureCloud platform provides enterprise grade security to anyone. It continuously identifies risks and threats to ensure that only trusted users, using safe devices, connecting through uncompromised networks to cloud services can access corporate data. It’s free to use, and you can get started today here.