Web Perversion
Solutions
Inside Sanctum
Events
Customers
Support
AppShield Demo
AppScan Demo
web perversion demo
Featured Coverage  
Despite increased security, airlines still vulnerable to cyberattack, analysts say
 

Aerospace Daily
January 24, 2002

As more measures are taken to tighten physical security in domestic airports, U.S. airlines remain highly vulnerable to cyberattack, according to Internet security analysts.

Airlines make particularly attractive targets for cybercriminals - whose crimes can run the gamut from simple vandalism to identity theft and financial espionage - since so much of their business has migrated online, according to Izhar Bar-Gad, chief technology officer at Sanctum, Inc.

An online security company, Sanctum often performs "audits" for companies, in which they run experiments to see how vulnerable their clients' web operations are, Bar-Gad said.

"We've audited quite a few airlines in the U.S., and the situation with them is certainly not good," he told The DAILY. "We've been able to do many things, starting from downloading all of the source code of their site, [to] gaining access to their employee accounts, changing aspects of their pricing, etc. The results are very, very frightening."

The potential dangers to airlines include lost revenue due to ticket forging and price manipulation, as well as graver threats, Bar-Gad said, including "looking at records of their employees, and thereby gaining access to their employees, which is something that is extremely dangerous."

Sanctum, along with other cybersecurity companies such as KaVaDo Inc. and Stratum8 Networks, are involved in the emerging field of "application security," in which programs running on a company's website are protected, in addition to protecting the server itself.

"In the early days of the Internet, what the hackers were going against was the operating systems of the servers," John Pescatore, research director for Internet security at Gartner Group, told The DAILY. "These days we're more likely to find them going after the applications, like, say in a shopping site - the shopping cart application. Or on a travel site - the application that presents you with itineraries and books the reservation. This is software that's written specifically to run on top of the web server, and those are where we find huge, gaping holes [in security]."

A determined cybercriminal could use the Internet to gain information not only about airline customers and employees, but also critical information about the aircraft themselves - "all of the information about [the planes], all their plans for them, where they keep them, where they fly them, at what times, etc.," Bar-Gad said.

Despite all the emphasis on increased physical security after the Sept. 11 terrorist attacks, Pescatore isn't sure that the threat of cyberattack has "sunk in" with most U.S. airlines yet.

"The reason I say I'm not sure that it's really sunk in is, I've seen a lot of proposed use of wireless networks by the airlines at airports for ground communications and the like, and [in] the proposals I've seen, they look like they've been leaving them wide open. Now that's not the Internet, necessarily, but it's wireless networks that any passenger in the airport with a laptop with a wireless interface could try to take advantage of."

Although most known use of the Internet by terrorists so far has been "legitimate" - i.e., e-mail, research, and online shopping or banking - Pescatore thinks it's only a matter of time before they branch out into cyberattack.

"The Internet lets terrorists take a shot in the safety of their own country, so we know it's inevitable," he said.



      © 2002 Sanctum, Inc.      Privacy Statement



  1. https://www.gustudentassociation.org/
  2. https://kimmerestaurant.com/
  3. https://www.nyonyafood.com/
  4. https://www.perfectotech.com/
  5. https://www.planetgapyear.com/
  6. https://whatcomvet.com/
  7. https://theclassicyachtexperience.com/
  8. https://www.batonrougerosesociety.org/
  9. https://www.finburysullivan.com/
  10. https://mikrofinanzinstitut.com/
  11. https://oakgroveplantationsc.com/
  12. https://www.the-vision-of-harmony.org/
  13. https://www.pantheonpress.com/
  14. https://thefinancialgraduate.com/
  15. https://www.thenutkitchen.com/
  16. https://altiboutique.com/
  17. https://ambushsweden.com/
  18. https://goingonforgod.com/
  19. https://lasdopestattorney.com/
  20. https://www.sewardne.com/
  21. https://www.tehranfestival.com/
  22. https://www.bistrotmarin.com/
  23. https://brysonchristianmontessorischool.com/
  24. https://www.excalibureurope.com/
  25. https://www.tropicaltopless.com/
  26. https://www.originallotsoflox.com/
  27. https://www.wavespace-berlin.com/
  28. https://www.nicolasboutruche.com/
  29. https://www.michiganmediates.org/
  30. https://www.victoria-abbott.com/
  31. https://www.yourmyrtlebeachproperty.com/
  32. https://metrcconference.com/
  33. https://biotechscope.com/
  34. https://jzbrasil.com/
  35. https://kingswoodacquisition.com/
  36. https://www.mobilegourmetkitchen.com/
  37. https://saafootball.org/
  38. https://griefergames.info/
  39. https://ampalauragarcianoblejas.com/
  40. sbobet
  41. judi parlay
  42. togel kamboja
  43. Pengeluaran Cambodia
  44. judi bola
  45. demo slot
  46. Togel Kamboja
  47. keluaran Kamboja
  48. slot thailand
  49. togel kamboja
  50. keluaran kamboja
  51. togel Kamboja
  52. slot demo
  53. keluaran cambodia
  54. togel cambodia
  55. demo mahjong
  56. live draw macau