Air Traffic Control System Vulnerable to Cyberattack
A Government Accountability Office (GAO) report is warning that cybersecurity weaknesses could lead to disruptions and undermine the safety of the nation's air traffic control system.
The report said the Federal Aviation Administration (FAA) has taken steps to protect the air traffic system from cyber-based threats, but that "significant security control weaknesses remain."
One area of weaknesses is the ability to prevent and detect unauthorized access to the vast network of computer and communications systems the FAA uses to process and track flights around the world, said Fox News.
There also are inadequate protections to prevent entry into air traffic computer systems from other, less-secure computer systems not directly involved in traffic operations.
Air traffic controllers are responsible for the average 2,850 flights aloft at any given moment, said the Washington Post. The 14,000 controllers work in three types of facilities: 500 airport control towers that oversee landings and takeoffs; 160 facilities that direct planes to and from cruising altitudes; and 22 centers that supervise aircraft at cruising altitude.
The most serious threat would come if hackers broke into the system and found a way to disrupt the flow of aircraft without being noticed. A breach that was detected immediately, however, would be less likely to significantly compromise operations, experts said. "The system is designed with contingency plans for a shutdown of any particular system," said Steven B. Wallace, an aviation safety consultant who formerly directed the FAA office of accident investigation.
The FAA said it is aware of the importance of the matter and has achieved several milestones in improving its cybersecurity.
The FAA has created a cybersecurity steering committee, but the report said its work was hindered by disagreements between the agency's technological office and the air traffic control group, the Post reported.