NEWS FROM THE LAB - Thursday, June 25, 2009

Government, Military - Aviation? Posted by Alia @ 02:25 GMT

U.S. Secretary of Defense Robert Gates recently confirmed the creation of a U.S. Cyber Command aimed at dealing with cyberthreats to military resources. A previously announced White House "cybersecurity coordinator" is already in the works to deal with similar threats to critical government infrastructures.

On the whole, that's good news. It would be great however to hear of similar efforts in protecting a particular commercial resource thatís definitely "critical infrastructure" – civil aviation electronic systems.

Earlier this year, the U.S. Department of Transportation released an audit report (streaming PDF here, Open rather than Save) in which it determined the national air traffic control systems administered by the Federal Aviation Administration (FAA) had significant weaknesses and vulnerabilities, potentially allowing an unauthorized party to access and control vital services and systems.

This isnít the first time the FAA has been criticized for the weaknesses in civil aviation electronic system security, with the first such criticisms coming as early as 1998.

The report cites incidences that took place in 2006, 2008 and 2009 as supporting evidence that the administrative and operational systems can be breached. The FAA contends this claim.

Not cited in the report, but of possible interest, is a 1998 incident in which a teenager successfully disabled vital airport control tower services at a regional Massachusetts airport (CNet article here).

Hopefully, with the current government enthusiasm for improving computer security, the current civil aviation systems get some attention too.