Re: FAA hacked by patriots

[InfoSec News <isn () c4i org>]

Forwarded from: Drew Williams <drew928s () yahoo com>

Good article by Kevin on the FAA getting hacked. I hope the FAA
realizes its vulnerabilities stem far beyond those of a couple of kids
and some passenger screening protocols. Last year some of our Security
folks (from a major IT Security company for whom I work), visited the
FAA and discussed the simple problems of viruses, and how they could
corrupt those very servers that control the flight patterns.

Because of pricing-per-server, the FAA employs a very cheap and hardly
reliable brand of anti-virus technology, which has been documented as
not even close to a top-five contender. This worries a lot of
people--especially those of us in IT security who have to fly every
week.

I hope the FAA will make some changes in how they view their
infrastructure--not just how they look at little old ladies getting
"randomly" screened at the gates.


--- InfoSec News <isn () c4i org> wrote:
> http://www.theregister.co.uk/content/55/25029.html
>
> By Kevin Poulsen, SecurityFocus Online
> Posted: 26/04/2002 at 06:54 GMT
>
> Hackers were able to penetrate a Federal Aviation Administration
> system earlier this week and download unpublished information on
> airport passenger screening activities, federal officials confirmed
> Thursday.
>
> Styling themselves "The Deceptive Duo," the hackers on Wednesday
> publicly defaced an FAA server used by what was the administration's
> Civil Aviation Security organization, which until recently was
> responsible for supervising passenger screening at U.S. airports.  
> There, the intruders posted a mission statement vowing to expose
> America's poor state of cyber security for the good of the nation.

[...]



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.