Air Traffic Control System Vulnerable to Cyberattack
A new Government Accountability Office report has found that the country’s air traffic control systems are vulnerable to hackers.
The 42-page document "Information Security: FAA Needs to Address Weaknesses in Air Traffic Control Systems" said that while the FAA has taken steps to decrease vulnerabilities in the air traffic control system, it has not fully addressed problems including those which could make critical computer systems vulnerable to hackers, said CNN.
"These include weaknesses in controls intended to prevent, limit, and detect unauthorized access to computer resources, such as controls for protecting system boundaries, identifying and authenticating users, authorizing users to access systems, encrypting sensitive data, and auditing and monitoring activity on FAA's systems," the GAO authors wrote.
The agency's information security systems and procedures did not meet the requirements of a 2002 law, and its information security strategic plan had not been updated since 2010, said CNN.
"These shortcomings put (national airspace) systems at increased and unnecessary risk of unauthorized access, use, or modification that could disrupt air traffic control operations," the report said.
The GAO's 17 public recommendations include increasing training, do a better job of identifying and fixing problems, strengthening protocols for access control, increasing organizational planning, and keep better records to allow monitoring data traffic to detect unauthorized access.
The FAA agreed with the GAO's recommendations in a two page letter included in the document and highlighted their efforts to increase cyber security. "The Agency is fully cognizant of the vital requirement to secure the National Airspace System cyber environment as part of the nation's critical infrastructure," Keith Washington, the Acting Assistant Secretary for Administration wrote.