Air traffic control vulnerability could allow criminals to hack the skies

The Federal Aviation Administration must tighten the security around air traffic control in the United States, according to a new report filed by the Government Accountability Office (GAO).

In a 42-page document released on Monday, the GAO highlighted ‘significant security control weaknesses’ that could pose a threat to the security of the national airspace. According to CNN, the FAA has made 17 public recommendations, while there are a further 168 recommended actions in a separate non-public document.

Security weaknesses mentioned in the report include the prevention and detection of unauthorized access to computer resources, identifying and authenticating users and the encryption of sensitive data. The auditors found that the FAA’s information security strategic plan had not been updated since 2010, while the systems in place failed to meet the requirements of a 2002 law.

The biggest danger, notes The Washington Post, is that hackers could find a way to break into the computer system without being noticed, potentially using the aviation systems as a weapon.

FAA Administrator Michael Huerta told Congress on Tuesday that the agency will be implementing the majority of the GAO’s recommendations – a number of the actions have already been taken – while insisting “first and foremost,  the system is safe.”

Although the FAA appears to be complying with the audit’s recommendations, the vulnerabilities should not be taken lightly. The report notes that the IT weaknesses that were discovered put the national airspace under “increased and unnecessary risk of unauthorized access.”

Most of the GAO’s findings are classified, but the full 42-page public report is available to read online.

Markus Mainka /

Author , ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.