Almost all large airports in the world are said to be vulnerable to cyber attacks says research compiled by Web Security Company ImmuniWeb. It was discovered in the study that only three airports in the world were found without any single major IT issue and those are as follows- Amsterdam Airport Schiphol (EU), Helsinki Vantaa Airport (EU) and Dublin Airport (EU).
Some of the highlights of the ImmuniWeb’s report are 97% of the websites were found to be using outdated software, 24% of websites had security vulnerabilities, 24% of websites had no SSL Encryption or use Obsolete SSLv3 and over 76% were not complying with GDPR and PCL DSS rules.
When it came to the security offered by the mobile applications of airports, most of the apps were displaying vulnerabilities either related to encryption, software frameworks or privacy.
Out of 100 airports, 66 were found to be exposed on the Dark Web in one way or the other.
Ilia Kolochenko, CEO and Founder of ImmuniWeb, is advising all airports to implement continuous web monitoring solutions, to avoid any intrusions phishing and password re-use attacks.
Also implementing a 3rd part risk management program encompassing consistent monitoring of vendors and suppliers is also required. Creating awareness among the staff, explaining them the risks while handling emails will also be helpful.