INGATE

From The Sip Trunking Experts

TMCNet:  Report Warns Air Traffic Control System Vulnerable to Cyber Terrorism

[May 27, 2009]

Report Warns Air Traffic Control System Vulnerable to Cyber Terrorism

May 27, 2009 (Congressional Documents and Publications/ContentWorks via COMTEX) -- Washington, D.C. - A federal government report released today confirms that the nation's air traffic control system is vulnerable to cyber attacks and will continue to be as the system is modernized, unless steps are taken to address significant security gaps.


At the request of U.S. Rep. John L. Mica (R-FL) and U.S. Rep. Tom Petri (R-WI), the U.S. Department of Transportation Office of Inspector General (OIG) investigated the security issue as the Federal Aviation Administration continues to develop a satellite-based air traffic control system heavily reliant on commercial software and Internet Protocol (IP)-based technology.

"Our concerns about the cyber security of the U.S. air traffic control system are validated by this report," said Mica, the Republican Leader of the House Committee on Transportation and Infrastructure and the former Chairman of the Subcommittee on Aviation. "Federal Aviation Administration systems are vulnerable to cyber terrorist attacks.

"In recent years, hackers have been able to access FAA systems. Luckily, these attacks have not resulted in any serious damage, but this report confirms that our entire system could be compromised by a similar threat.

"FAA's capability to avert and respond to cyber threats must be strengthened. Any such attack on U.S. transportation systems is serious, but an attack on our aviation system could jeopardize the entire industry and poses a significant threat to safety. Mr. Petri and I have requested a Committee hearing on this issue," Mica said. (see attached letter) "The threat of hackers interfering with our air traffic control systems is not just theoretical - it has already happened," said Petri, the Subcommittee on Aviation Ranking Member. "Extensive and sophisticated hacking is carried out not only by individuals but also by criminal syndicates and foreign powers. During periods of international tension, we could suddenly find ourselves dealing with crippled civilian aviation. We must regard the strengthening of our air traffic control security as an urgent matter of safety, of great importance to the national economy, and a matter of national security." While suited to air traffic control (ATC) system modernization, the increased reliance on commercial software and IP-based technologies creates more opportunities for cyber attackers to take advantage of software vulnerabilities to hack into FAA systems. This is particularly concerning as the threat from nation-state-sponsored cyber attacks increases.

In its security audit, the OIG identified 763 high-risk vulnerabilities that may provide an attacker with immediate access into an FAA computer system and could be used to execute remote commands or introduce a virus into the system.

In recent years, similar vulnerabilities have resulted in a partial shutdown of ATC systems in Alaska, allowed hackers access to FAA's administrative network, and compromised personally identifiable information of 45,000 FAA employees.

In addition to the network vulnerabilities identified, the OIG found insufficient monitoring coverage of ATC systems due to lack of cooperation between FAA and DOT's Cyber Security Management Center (CSMC).

Mica added, "The expansion of the CSMC's responsibilities from the Federal Aviation Administration to Department-wide cyber monitoring may have diluted the responsibility of the office and compromised FAA's ability to monitor and deal with cyber security issues. I believe that we need to enhance the FAA's ability to monitor cyber incidents both system-wide and at the facility level.

"We have asked the OIG to continue rigorous oversight of the FAA's and CSMC's implementation of their recommendations and to report regularly on their progress." The entire report will be available at http://www.oig.dot.gov/.

#DAL1234#

[ Back To SIP Trunking Home's Homepage ]

Loading
Subscribe here for your FREE
SIP TRUNKING enewslettter.

Featured Partner


Featured Whitepapers

SIP Security for the Enterprise
Voice over IP (VoIP) is incorporated into a variety of computer networks, both public and private, and used for everyday transactions and communications among carriers, businesses, government agencies...

Making A Broadband Purchase Decision
Businesses today have many options for broadband connectivity. Clarifying your particular business needs prior to selecting a broadband provider will ensure an optimal match of broadband service to your requirements.

Voice-Optimized Network Delivers Premier Call Experience
Customers equate call quality with business quality. Real-time communication, interpersonal interaction, and the cordial tone of a call center representative can create a positive impression of your business that no email can match.

Featured Case Studies

Business Telecom Expenses Reduced 50%
A small to medium sized company in the midwest was interested in migrating to IP Communications, but in today's economy, they were hesitant to upgrade their communication system due to their perception that the cost would outweigh the benefits.

Multi-State Company Cuts Telecom Costs 50%
A multi-site, multi-state company with extensive monthly long distance fees and toll-free charges did not have adequate broadband for Broadvox SIP Trunking requirements, nor did they have a SIP enabled telephone system.

Discover Leisure Connects Remote Users to its IP-PBX
Discover Leisure is one of the largest resellers of caravans and motor homes in the UK. With 15 branch of?ces all over the country, the company spent a great deal of money every month just on internal phone calls.

Featured eBOOKS

Internet+: The Way Toward Global Unified Communication
Connecting the telephony of the enterprise PBX or Unified Communications (UC) system using SIP trunks instead of conventional telephone lines has been very successful in recent years.

What is SIP Trunking? Edition 2
SIP trunking is becoming more of a focus for service providers. One key issue many service providers face when deploying SIP trunks is NAT, or Network Address Translation, traversal.

What is SIP Trunking? Edition 1
A vast resource for information about all things SIP - including SIP, security, VoIP, SIP trunking and Unified Communications.

Featured Videos

Broadvox VAR Testimonial VAR 1:
Part 1 of the VAR (Value Added Reseller) Partner Program Testimonials for Broadvox...

E-SBCs AS The Demarcation Point:
Ingate's Steve Johnson talks to Erik Linask about the role session border controller plays as the demarcation point at...

Demystifying DPI
How can deep packet inspection protect your SIP traffic as well as your entire network?

Featured Resources

Partner Program Overview:
Over 4,000 VARs, Master Agents, Solution Providers, and Independent IT Professionals trust Broadvox. We offer customized services and solutions to fit seamlessly into any company's business model. And when you partner with Broadvox, every member of our team stands behind you and your customers 100%...

SIP Trunk UC Summit

What's New

Presenting the New Ingate/Intertex Website:
Internet+ is an extended Internet access allowing high quality SIP (Session Initiation Protocol) based real-time person-to-person communication, everywhere and for any application. It applies to both fixed and mobile networks ...

Featured Blogs

Featured Webinars

Secure SIP Trunking:
What You Need to Know

Successfully Deploying Enterprise SIP Trunking:
Tools and Techniques for Overcoming Common Roadblocks

Featured Podcasts

Getting the Most Out of Your SIP Trunks:
Ingate's Steve Johnson and TMC's Erik Linask discuss how best practices forgetting the most out of SIP Trunking services and common pitfalls to avoid.

Featured Datasheets

Ingate SIParator E-SBCs
Adopting SIP is a simple process with the Ingate SIParator, the secure enterprise session border controller (E-SBC). The SIParator makes secure SIP communications - including VoIP,SIP trunking and more - possible while working seamlessly with your existing network firewall.

Ingate Firewalls
Everyone is talking about enterprise usage of VoIP, instant messaging and other types of realtime communications including presence and conferencing.

SIP Trunk Solutions for Service Providers
The award-winning Ingate Firewall and Ingate SIParator deliver a high quality, reliable SIP trunk connection between the customer's IP-PBX and the service provider network, and solve interoperability issues to simplify deployments and support for remote diagnosis of reported issues.