CYBER SECURITY AT AIRPORTS

1. INTRODUCTION
Cyber security[1] at airports is one of the important challenges faced today. Airports
are primary transport infrastructure of every country, and the aviation business depends
heavily on computers. The sheer volume of people and data passing through airports each
day, and the obvious opportunities to steal data, extort money or instigate chaos, make them an
inevitable target for cyber attack.[2]

2. THREATS
2.1 Botnet DDoS attacks: A botnet is a collection of internet-connected computers that have been
compromised, usually with the assistance of malware such as Trojan horses.[3] Botnets are
commonly used for malicious purposes, such as DDoS attacks.[4]
2.2 Phishing: The act of obtaining private and sensitive personal data[5] from computers for use in
unlawful activities. Cyber criminals use phishing email messages, websites and phone calls to
install malicious software on your computer or to steal personal information from your
computer.
[1] Section 2(2)(nb) of the Information Technology Act, 2000 defines Cyber Security as protecting information, equipment,
devices, computer, computer resource, communication device and information stored therein from unauthorised access,
use, disclosure, disruption, modification or destruction.

[2] Available at http://www.airportcybersecurity.com/, accessed on 1st September, 2014.

[3] A Trojan is an unauthorized program which functions from inside what seems to be an
authorized program, thereby concealing what it is actually doing. Available at Regal Publications, Cyber Crimes and
Legal Measures by Dr. Manish Kumar Chaubey, page 18.
Trojan comes from Greek mythology, in which the Greeks battled the Trojans (people of Troy). After years of being
unable to break into the fortified city, the Greeks built a wooden horse, filled it with soldiers and pretended to sail away.
After the Trojans brought the horse into the city, the Greek soldiers crept out at night, opened the gates of Troy to the
returning soldiers, and Troy was destroyed. Available at http://www.pcmag.com/encyclopedia/term/53178/trojan,
accessed on 3rd September, 2014.

[4] A Distributed denial of service is a type of computer attack that uses a number of hosts to overwhelm a server, causing
a website to experience a complete system crash. This type of denial-of-service attack is perpetrated by hackers to target
large-scale, far-reaching and popular websites in an effort to disable them, either temporarily or permanently. Available
at http://www.techopedia.com/definition/10261/distributed-denial-of-service-ddos,
accessed on 2nd September, 2014.

[5] Available at Section 3 of The Information Technology (Reasonable Security Practices and Procedures and Sensitive
Personal Data or Information) Rules, 2011.

2.3 Click Jacking: It is an exploit in which malicious code is hidden beneath apparently
legitimate buttons or other clickable content on a website. Example: a visitor thinks he is
clicking on a button to close the window; instead, the action of clicking the X button prompts
the computer to download a Trojan horse, transfer money from a bank account or turn on the
computer's built-in microphone.[6]
2.4 Attacks via USB: USB devices such as keyboards, pen drives and mice can be used to hack
into personal computers in a potential new class of attacks that evade all known security
protections.[7]
2.5 Public Wifi: Users who connect to these "free" public networks are at great risk of
experiencing a "channelling"[8] attack.

3. Preventive Measures
3.1 For DDoS Attack:
- Identify a DDoS attack early: The sooner we understand that problems with our
website are due to a DDoS attack, the sooner we can start to do something about it.
- Overprovision bandwidth: If more bandwidth is available, we can
accommodate sudden and unexpected surges in traffic.
- Call your ISP: Tell your hosting provider that you are under attack and ask for help.
Depending on the strength of the attack, the ISP will take action.
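
One way to carry out the "identify a DDoS attack early" step, as an added example that is not part of the original paper: it scans web-server log lines minute by minute and flags request surges, separating a many-source flood (the botnet pattern of section 2.1) from a single noisy client. The log format, thresholds and function names are assumptions, and the sample log is constructed.

```python
import re
from collections import defaultdict
from statistics import median

# Assumed log format (hypothetical): "<source-ip> [HH:MM:SS] <request>"
LINE_RE = re.compile(r"^(\S+) \[(\d{2}):(\d{2}):\d{2}\] ")

def per_minute(lines):
    """Map minute-of-day -> (request count, number of distinct sources)."""
    hits, sources = defaultdict(int), defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore malformed lines instead of failing mid-incident
        minute = int(m.group(2)) * 60 + int(m.group(3))
        hits[minute] += 1
        sources[minute].add(m.group(1))
    return {k: (hits[k], len(sources[k])) for k in sorted(hits)}

def flag_surges(lines, factor=5, min_baseline=3):
    """Flag minutes whose volume exceeds factor x the median of earlier normal minutes."""
    alerts, counts, srcs = [], [], []
    for minute, (count, nsrc) in per_minute(lines).items():
        if len(counts) >= min_baseline and count > factor * median(counts):
            # Many sources at once suggests a botnet; one source suggests a single client.
            kind = "distributed" if nsrc > factor * median(srcs) else "single-source"
            alerts.append((minute, count, nsrc, kind))
            continue  # keep surge minutes out of the baseline
        counts.append(count)
        srcs.append(nsrc)
    return alerts

def sample_log():
    """Constructed traffic: quiet minutes, a many-source flood, then one noisy client."""
    lines = []
    for m in (0, 1, 2, 3, 4, 6):  # normal minutes: 4 requests from 3 clients
        lines += [f"192.0.2.{i % 3 + 1} [10:{m:02d}:{i:02d}] GET /status" for i in range(4)]
    lines += [f"198.51.100.{i + 1} [10:05:{i:02d}] GET /status" for i in range(60)]
    lines += [f"203.0.113.9 [10:07:{i:02d}] GET /status" for i in range(40)]
    return lines

if __name__ == "__main__":
    for minute, count, nsrc, kind in flag_surges(sample_log()):
        print(f"10:{minute % 60:02d} {count} requests from {nsrc} sources ({kind})")
```
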
3.2 For Phishing:
- Guard against spam: Be especially cautious of emails that come from unrecognized
senders and which ask you to confirm personal or financial information over the
Internet.
- Communicate personal information only via phone or secure web sites.
- When conducting online transactions, look for a sign that the site is secure.
- Do not divulge personal information over the phone unless you initiate the call.
- Be cautious of emails that ask you to call a phone number to update your account
information as well.
- Do not click on links, download files or open attachments in emails from unknown
senders.
- Beware of pop-ups and follow these tips:
  - Never enter personal information in a pop-up screen.
  - Do not click on links in a pop-up screen.
  - Do not copy web addresses into your browser from pop-ups.
  - Legitimate enterprises should never ask you to submit personal information in pop-up
screens, so don't do it.
- Protect your computer with a firewall, spam filters, anti-virus and anti-spyware
software.
- Check your online accounts and bank statements regularly.[9]

[6] Available at http://whatis.techtarget.com/definition/clickjacking-user-interface-or-UI-redressing-and-IFRAME-overlay,
accessed on 6th September, 2014.

[7] Available at http://www.reuters.com/article/2014/07/31/us-cybersecurity-usb-attack-idUSKBN0G00K420140731,
accessed on 6th September, 2014.

[8] "Channeling" is a common practice used by hackers and identity thieves to conduct man-in-the-middle attacks, with the
objective of stealing user names, passwords, and other sensitive data transmitted by the user. The practice is disturbingly
simple to carry out: By setting up an unauthorized access point in an airport lounge, hackers can easily trap passwords
and other information without the user's knowledge. Available at http://www.zdnet.com/news/hidden-dangers-of-free-public-wifi/149778, accessed on 7th September, 2014.

3.3 For Click Jacking:
- Update your Internet browser and plug-ins such as Flash.
- Download clickjacking detection/prevention software like NoScript, a free anti-clickjacking plug-in for Firefox.[10]

3.4 For Public wifi:
- Turn off automatic connection.
- Beware of the information you share in public locations.
- Utilize a VPN whenever possible to encrypt your data, if you need to do secure
transactions.
- Keep your security suite up to date.
- Turn off shared folders.[11]

[9] Available at http://www.identitytheftkiller.com/prevent-phishing-scams.php, accessed on 7th September, 2014.

[10] Available at http://netsecurity.about.com/od/antivirusandmalware/a/The-Dangers-Of-Clickjacking.htm, accessed on
7th September, 2014.

[11] Available at http://www.zdnet.com/news/hidden-dangers-of-free-public-wifi/149778, accessed on 7th September, 2014.

4. Case Study:
Airports Authority of India (AAI) cyber security at risk (2012)[12]
Serious vulnerabilities in the cargo management system at the Chennai, Coimbatore, Kolkata, Amritsar,
Lucknow and Guwahati airports were reported by the National Technical Research Organisation (NTRO).

Cyber attack hits Istanbul Airport passport control system
Media agencies and official sources revealed that the passport control system at the departure
terminal of Istanbul Ataturk International Airport was hit by a cyber attack on Friday 26th July
2013; more concerning is the news that another airport in the same city was also a victim of hackers.
Istanbul Ataturk International Airport went into chaos: plane departures were delayed,
with a corresponding impact on waiting times for passengers. Authorities investigated the incidents, and
security experts believed that the attackers used malware to steal users' data.[13] A data breach[14] of a system
like the one deployed at Istanbul Ataturk International Airport could allow hackers to gather
sensitive information, but it could also be used for sabotage.[15]
Possible Judgement
If this incident had taken place in any of the airports of India, then after analyzing this whole
case legally, as per my knowledge and study, Section 43(b) of The Information Technology Act,
2000 shall be applied, which states: "Penalty and compensation for damage to computer,
computer system, etc. - If any person without permission of the owner or any other person who is
in charge of a computer, computer system or computer network downloads, copies or extracts any
data from computer database or any information from such computer, computer system or computer
network including information or data held or stored in any removable storage medium."

[12] Available at http://businesstoday.intoday.in/story/india-cyber-security-at-risk/1/191786.html

[13] Section 2(2)(o) of The Information Technology Act, 2000 states data as a representation of information,
knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalised manner, and is
intended to be processed, is being processed or has been processed in a computer system or computer network, and may
be in any form (including computer printouts, magnetic or optical storage media, punched cards, punched tapes) or stored
internally in the memory of the computer.

[14] A data breach is an incident that involves the unauthorized or illegal viewing, access or retrieval of data by an
individual, application or service. It is a type of security breach specifically designed to steal and/or publish data to an
unsecured or illegal location. Available at http://www.techopedia.com/definition/13601/data-breach, accessed on 10th
September, 2014.

[15] Read more at http://securityaffairs.co/wordpress/16721/hacking/istanbul-ataturk-international-airport-targeted-by-cyber-attack.html,
accessed on 10th September, 2014.
New Malaysia Airlines Flight MH370 Cyber Hijack[16]
As the search for the missing Malaysia Airlines Flight MH370 continues, investigators have come
across some startling evidence that the plane could have been hijacked using a mobile phone or even
a USB stick. The theory comes from a British anti-terrorism expert who says cyber terrorists could
have used a series of codes to hack the plane's in-flight entertainment system and infiltrate the
security software. According to a former scientific adviser to the UK's Home Office, the Boeing
777's speed, direction and altitude could have been changed using radio signals sent from a small
device. The theory comes after investigators determined that someone with knowledge of the plane's
system intentionally flew the jet off course. "It might well be the world's first cyber hijack." The
adviser also said that the evidence increasingly indicates that someone took over the plane's controls
in a deceptive manner and overwhelmed the plane's system either remotely or from a seat on the
plane.[17]

5. Conclusion and Suggestions


Cyber security at airports is a very critical issue. Serious actions should be considered and
implemented by airport authorities as security measures and also to protect the business. Firstly,
it is important to identify the cyber-risk and threat, and measures should accordingly be taken to
establish a cyber-security strategy, objectives, vision and mission. The next step should be the promotion of
cyber security awareness.

[16] Cyber Hijacking is also called a man-in-the-middle attack. It is a class of attacks where the cracker begins by listening in
on the electronic conversations between two communicating hosts. A common form of such an attack is the replay attack. It
obtains information being passed over the network through network sniffers and can replay the information later to
obtain access to a computer system.
17
