Home' RTCA Documents for Review : DO-230H FRAC Contents 280
© 2017, RTCA, Inc.
This approach has created vulnerabilities which can be exploited by adversaries to compromise sensitive
security information (SSI) or to control or damage the systems themselves.
Contributing factors to the escalation of cyber-attacks in recent years include:
Utilization of standardized technologies with known vulnerabilities.
IT systems connected to other networks that are not secure, thus exacerbating vulnerabilities.
Insufficient or misconfigured firewall protection.
Lack of or weak encryption of data traversing the network, i.e. telnet or http allowing username or
passwords to be transmitted un-encrypted.
Lack of an effective user awareness program, to include policies, procedures, technologies and
Making the right information available to the right people—and only to those people—involves
cultural, technological, and operational changes in a dynamic environment. Airport operators
should recognize that such an approach is likely to challenge cultural barriers to trust and data
sharing within the organization.
Portable flash drives are a particular concern because they connect to USB ports commonly found
on desktop and laptop computers, and can insert payloads to destroy all or portions of an airport’s
IT system in addition to enabling third parties to steal valuable information. An example is the
Stuxnet cyber-attack on SCADA systems which controlled Iranian nuclear centrifuges. The
attacking software, allegedly delivered by a USB connected flash drive, used multidisciplinary
exploitation techniques to achieve a specific result on a particular target.
The security requirements of a particular system and the arrangements made for identifying risks and
keeping them within acceptable levels is a critical continuing function, not just a one-time event. New
vulnerabilities on existing systems arise almost daily; having a process to address them is paramount.
Basic measures to minimize the threat of cyber-attacks include:
Authorized individuals failing to log off or re-secure their access points or computers, making
undetectable unauthorized access available by others.
Authorized individuals gaining access to portions of the network they are not authorized to access.
Unauthorized individuals gaining access to the network from computers or systems that normally
allow access to authorized individuals, either by “hacking” or by using an authorized individual’s
passwords or access codes, which in turn suggests a need for stronger password protocols.
Unauthorized individuals gaining access to the network from computers or systems on premises
that normally do not allow access.
Unauthorized individuals gaining net access through external connections such as modems or wire-
Like all security, network/data/information security is based on understanding these and other
vulnerabilities and threats and agreeing which threats can be mitigated. Regardless of what the threats are,
at least three levels of controls can be considered to mitigate the risks:
Administrative Control. The security system applications and network shall support the airport’s
own security standards, policy and procedures, including password policy.
Logical Control. Use software and data to monitor and control access to information and computing
systems, e.g., passwords, network and host based firewalls, network intrusion systems, access
control lists, and data encryption techniques.
Links Archive Navigation Previous Page Next Page