CYBER SECURITY AT AIRPORTS

1. INTRODUCTION

Cyber Security¹ in airports is one of the important challenges faced today. Airports are primary transport infrastructure of every country. There is heavy dependency on computers to drive this aviation business. The sheer volume of people and data passing through airports each day and the obvious opportunities to steal data, extort money or instigate chaos make them an inevitable target for cyber attack.²

2. THREATS

2.1 Botnet DDoS attacks: A botnet is a collection of internet-connected computers which have been compromised, usually with the assistance of malware like Trojan Horses³. These are commonly used for malicious purposes, like DDoS attacks.⁴

2.2 Phishing: It is an act of getting private and sensitive personal data⁵ from computers to use in unlawful activities. Cyber criminals use phishing email messages, websites and phone calls to install malicious software on your computer or steal personal information off of your computer.

1 Section 2(2)(nb) of Information Technology Act, 2000 states “Cyber Security” as protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorised access, use, disclosure, disruption, modification or destruction.

2 Available at http://www.airportcybersecurity.com/ accessed on 1st September, 2014.

3 A Trojan is aptly called an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing. Available at Regal Publications, “Cyber Crimes and Legal Measures” by Dr. Manish Kumar Chaubey; Page No. 18. Trojan comes from Greek mythology, in which the Greeks battled the Trojans (people of Troy). After years of being unable to break into the fortified city, the Greeks built a wooden horse, filled it with soldiers and pretended to sail away. After the Trojans brought the horse into the city, the Greek soldiers crept out at night, opened the gates of Troy to the returning soldiers, and Troy was destroyed. Available at http://www.pcmag.com/encyclopedia/term/53178/trojan accessed on 3rd September, 2014.

4 A distributed denial of service is a type of computer attack that uses a number of hosts to overwhelm a server, causing a website to experience a complete system crash. This type of denial-of-service attack is perpetrated by hackers to target large-scale, far-reaching and popular websites in an effort to disable them, either temporarily or permanently. Available at http://www.techopedia.com/definition/10261/distributed-denial-of-service-ddos accessed on 2nd September, 2014.

5 Available at Section 3 of The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

2.3 Click Jacking: It is an exploit in which malicious coding is hidden beneath apparently legitimate buttons or other clickable contents on a website. Example: A visitor thinks he is clicking on a button to close the window; instead, the action of clicking the “X” button prompts the computer to download a Trojan horse, transfer money from a bank account or turn on the computer’s built-in microphone.⁶

2.4 Attacks via USB: USB devices such as keyboards, pen drives and mice can be used to hack into personal computers in a potential new class of attacks that evade all known security protections.⁷

2.5 Public Wifi: Users who connect to these "free" public networks are at great risk of experiencing a "channelling"⁸ attack.

6 Available at http://whatis.techtarget.com/definition/clickjacking-user-interface-or-UI-redressing-and-IFRAME-overlay accessed on 6th September 2014

7 Available at http://www.reuters.com/article/2014/07/31/us-cybersecurity-usb-attack-idUSKBN0G00K420140731 accessed on 6th September, 2014

8 "Channeling" is a common practice used by hackers and identity thieves to conduct man-in-the-middle attacks, with the objective of stealing user names, passwords, and other sensitive data transmitted by the user. The practice is disturbingly simple to carry out: By setting up an unauthorized access point in an airport lounge, hackers can easily trap passwords and other information without the user's knowledge. Available at http://www.zdnet.com/news/hidden-dangers-of-free-public-wifi/149778 accessed on 7th September 2014

3. Preventive Measures

3.1 For DDoS Attack:
Identify a DDoS attack early- The sooner we understand that problems with our website are due to a DDoS attack, the sooner we can start to do something about it.
Overprovision Bandwidth- If there is more bandwidth available then we can accommodate sudden and unexpected surges in traffic.
Call your ISP- Tell your hosting provider that you are under attack and ask for help. Depending on the strength of the attack the ISP will take actions.

3.2 For Phishing:
Guard against spam- Be especially cautious of emails that come from unrecognized senders and which ask you to confirm personal or financial information over the Internet.
Communicate personal information only via phone or secure web sites.
When conducting online transactions, look for a sign that the site is secure.
Do not divulge personal information over the phone unless you initiate the call.
Be cautious of emails that ask you to call a phone number to update your account information as well.
Do not click on links, download files or open attachments in emails from unknown senders.
Beware of pop-ups and follow these tips:
Never enter personal information in a pop-up screen.
Do not click on links in a pop-up screen.
Do not copy web addresses into your browser from pop-ups.
Legitimate enterprises should never ask you to submit personal information in pop-up screens, so don’t do it.
Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software.
Check your online accounts and bank statements regularly.⁹

3.3 For Click Jacking:
Update your Internet browser and plug-ins such as Flash.
Download clickjacking detection/prevention software like NoScript, a free anti-clickjacking plug-in for Firefox.¹⁰

3.4 For Public Wifi:
Turn off automatic connection.
Beware of the information you share in public locations.
Utilize a VPN whenever possible to encrypt your data, if you need to do secure transactions.
Keep your security suite up to date.
Turn off shared folders.¹¹

9 Available at http://www.identitytheftkiller.com/prevent-phishing-scams.php accessed on 7th September, 2014

10 Available at http://netsecurity.about.com/od/antivirusandmalware/a/The-Dangers-Of-Clickjacking.htm accessed on 7th September, 2014

11 Available at http://www.zdnet.com/news/hidden-dangers-of-free-public-wifi/149778 accessed on 7th September, 2014

4. Case Study

Airports Authority of India (AAI) cyber security at risk (2012)¹²

Serious vulnerabilities in the cargo management system at Chennai, Coimbatore, Kolkata, Amritsar, Lucknow and Guwahati airports were reported by the National Technical Research Organisation (NTRO).

Cyber attack hits Istanbul Airport passport control system

Media agencies and official sources revealed that the passport control system at the departure terminal of the Istanbul Ataturk International Airport was hit by a cyber attack on Friday 26th July 2013, but the concerning news is that another airport in the same city was also a victim of hackers. The Istanbul Ataturk International Airport went into chaos; plane departures were delayed, with a corresponding impact on waiting times for passengers. Authorities investigated the incidents, and security experts believed that attackers used malware to steal users’ data¹³. A data breach¹⁴ of a system like the one deployed at Istanbul Ataturk International Airport could allow hackers to gather sensitive information, but it could also be used for sabotage.¹⁵

Possible Judgement-

If this incident had taken place in any of the airports of India then, after analyzing this whole case legally, as per my knowledge and study, Section 43(b) of The Information Technology Act 2000 shall be applied, which states as Penalty and compensation for damage to computer, computer system, etc.- If any person without permission of the owner or any other person who is in charge of a computer, computer system or computer network downloads, copies or extracts any data from computer database or any information from such computer, computer system or computer network including information or data held or stored in any removable storage medium.

12 Available at http://businesstoday.intoday.in/story/india-cyber-security-at-risk/1/191786.html

13 Section 2(2)(o) of The Information Technology Act, 2000 states “data” as a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.

14 A “data breach” is an incident that involves the unauthorized or illegal viewing, access or retrieval of data by an individual, application or service. It is a type of security breach specifically designed to steal and/or publish data to an unsecured or illegal location. Available at http://www.techopedia.com/definition/13601/data-breach accessed on 10th September, 2014

15 Read more at http://securityaffairs.co/wordpress/16721/hacking/istanbul-ataturk-international-airport-targeted-by-cyber-attack.html accessed on 10th September, 2014

New Malaysia Airlines Flight MH370 ‘Cyber Hijack’¹⁶

As the search for the missing Malaysia Airlines Flight MH370 continues, investigators have come across some startling evidence that the plane could have been hijacked using a mobile phone or even a USB stick. The theory comes from a British anti-terrorism expert who says cyber terrorists could have used a series of “codes” to hack the plane’s in-flight entertainment system and infiltrate the security software. According to a former scientific adviser to the UK’s Home Office, the Boeing 777’s speed, direction and altitude could have been changed using radio signals sent from a small device. The theory comes after investigators determined that someone with knowledge of the plane’s system intentionally flew the jet off course. “It might well be the world’s first cyber hijack,” the adviser said, adding that the evidence increasingly indicates that someone took over the plane’s controls “in a deceptive manner” and overwhelmed the plane’s system either remotely or from a seat on the plane.¹⁷

5. Conclusion and Suggestions

Cyber Security at airports is a very critical issue. Serious actions should be considered and implemented by airport authorities for security measures and also to protect the business. Firstly, it is important to identify the cyber-risk and threat, and accordingly measures should be taken to establish a cyber-security strategy, objectives, vision and mission. The next step should be promotion of cyber security awareness.

16 Cyber Hijacking is also called Man in the middle attack. It is a class of attacks where the cracker begins by listening in on the electronic conversations between two communicating hosts. A common form of such attack is the replay attack. It obtains information being passed over the network through network sniffers and can replay the information later to obtain access to a computer system.

17