When it comes to the threat of cyberattacks in America, the sky is indeed the limit.
The Federal Aviation Administration’s NextGen air traffic control data system has a number of security vulnerabilities that pose serious threats to the millions of passengers traveling through the skies every day.
Related: Your Next Flight Could Be Hit By a Cyber Attack
That’s the revelation from a new Government Accountability Office report, which claims U.S. commercial airplanes and air traffic control centers are vulnerable to malicious cyberattacks.
One of the disturbing findings deals with on-flight Wi-Fi networks. The auditors said the networks could be penetrated by hackers to bring down planes. While the report makes clear such a scenario isn’t likely – the watchdog says it’s possible.
The GAO said the FAA has serious security weaknesses within two major aviation systems that control where the planes’ locations, their routes, and how they communicate with each other. The auditors expressed concern about the agency’s air-traffic control information systems, as well as aircraft avionics systems that are used to operate and guide the aircraft, which they say could be hacked into and used to disrupt the entire airspace.
This is not the first time the GAO has flagged the FAA’s vulnerable data systems. Back in January auditors issued a report blasting the agency for not doing enough to protect its National Airspace System (NAS) from hackers. That system controls all of America’s airport and air traffic control centers.
Related: Wanted, 3,000 Hackers for Cool Pentagon Jobs
The agency said the security weaknesses pose a threat because hackers could potentially gain access to the NAS and tamper with or disrupt air traffic control operations; hackers could also potentially access FAA accounts and passwords.
“FAA is at increased risk that accounts could be compromised and used by unauthorized individuals to access sensitive information or systems,” the report said.
The GAO recommended the FAA develop a sufficient strategy to address any cyber security weaknesses. The agency, for its part, responded that it’s made progress since the first report was issued in January.
Top Reads from The Fiscal Times:
