Posts
FAA officials could not be reached immediately. But the Agency has adopted a report on problems and plans for further amendments to web applications and increased use of systems to detect intrusions.The FAA uses commercial software programs to disseminate information on the Internet, but the Agency failed to install adequate intrusion detection alarms necessary to protect, the report says. Web Application Systems that are used frequently serves as a gateway to other systems and sensitive data stored elsewhere.
American systems, air traffic control, are at high risk of attack because of their links to dangerous web applications, managed by aviation authorities throughout the country, according to U.S. Department of Transportation audit.
Penetration Rate Testers found 763 high-risk sectors of weaknesses in Web applications 70 used for the allocation of functions such as communication frequencies for pilots and controllers to the public and other applications used for domestic air traffic control (ATC) in the U.S. Federal Aviation Administration (FAA), the report says.
Hackers have done harm. In February, attackers try to access the online application and weak internal FAA database that provides names, dates of birth, social security numbers, pay grades and addresses of some 48,000 current and former employees.
In August 2008, hackers compromised the critical network servers and may have closed them, which can cause serious disruption of the FAA mission support network, "says the report.
During the audit, officials of the consultancy firm KPMG and the U.S. Department of Transportation and the Office of Inspector General to gain unauthorized access to computer-related traffic management system infrastructure Aviation Weather System to Juneau and Albuquerque ATC tower, the report says.
Access is possible due to the wrong web applications, some of which were available to the public, whatever is determined by unpatched software vendor, she says.
In August 2008, hackers compromised the critical network servers and may have closed them, which can cause serious disruption of the FAA mission support network, "says the report.
During the audit, officials of the consultancy firm KPMG and the U.S. Department of Transportation and the Office of Inspector General to gain unauthorized access to computer-related traffic management system infrastructure Aviation Weather System to Juneau and Albuquerque ATC tower, the report says.
Access is possible due to the wrong web applications, some of which were available to the public, whatever is determined by unpatched software vendor, she says.
High-risk vulnerabilities are classified as if a hacker can take over your computer, steal or alter data systems. Testers also found 504 medium risk and low risk of vulnerability in 2590, such as the use of weak passwords and critical files, folders, vulnerable, the report says.
"In our view, unless effective action is taken quickly, it is likely to be a matter of when, not if, ATC system faces serious attacks, which do not harm the ATC operations report concluded.
"In our view, unless effective action is taken quickly, it is likely to be a matter of when, not if, ATC system faces serious attacks, which do not harm the ATC operations report concluded.
More than 800 computer-related security incidents were reported in fiscal 2008 for the Air Traffic Control Organization (them), get involved in the management of some 50,000 aircraft moves in the U.S. airspace daily. By the end of the year, these problems after 150 events have not yet been defined, including critical incidents in which hackers can take control of these computers, "said the report
No comments:
Post a Comment