The issue of critical infrastructure protection came into stark focus with the recent news that 75 airports fell victim to malicious intruders. This large-scale attack calls much-needed attention to the necessity of firming up cyber security in places like these. Through the implementation of critical infrastructure security, large-scale breaches on resources like airports — services that are vital for a functional society — can be avoided.
According to Nextgov, a sophisticated virtual spying operation directly impacted 75 U.S. airports in 2013. The intrusion was an Advanced Persistent Threat (APT) attack, meaning it was carried out by top-tier hackers who are generally funded by a nation-state.
After the U.S. federal government uncovered this prolonged attack, it recruited a non-profit group called the Center for Internet Security to help put the pieces of the malicious puzzle together. CIS officials found that the incursion was generated through sending out a series of spear-phishing emails — malware-laden messages that are highly customized for the recipient and can wreak havoc on an unsuspecting user's system.
In the case of this airport episode, the spear-phishing emails were sent to aviation personnel who opened the emails and unwittingly exposed highly confidential data to criminal eyes, the CIS reported.
As for the motive for the attack, Adnan Baykal, CIS vice president of services, said airports are a particularly lucrative target for cybercriminals.
"Simply because airports are critical infrastructure is a big sort of attraction for actor groups," he said.
When the CIS began digging into the intrusion, it discovered that the phishing scheme was both wide-ranging and potentially insidious. All told, the hackers had sent phishing emails to 75 different airports, though fortunately only two airport systems ended up getting compromised, according to the CIS report.
While most virtual attacks these days focus on reaping quick profits, the one against the airports may have a more sinister motive. According to Nextgov, the airport hackers could likely have been driven by a desire to know who would be on certain flights, as well as the cargo they'd be carrying.
For this reason, the intrusion represents a significant threat to general security, and though only two airports ended up getting directly affected, that's two too many as far as maintaining critical infrastructure protection is concerned.
Security expert and CSO contributor Antone Gonsalves noted that the airport spying incident sheds much-needed light on the critical shortcomings in infrastructure protection that could have prevented such an intrusion from ever happening in the first place. Gonsalves stated the attack represents "a wake up call that America's best IT talent needs to focus less on money and more on national security."
A breach that steals money is one thing. But an attack that potentially places flyer safety at risk is another beast entirely. Since the safety of the skies is a vital component of national safety as a whole, the onus falls on airports to implement the proper protective infrastructure necessary to keep the criminal presence at bay.