Monday, September 26, 2005

FAA air-traffic systems lack cyberprotections, GAO finds

Rob Thornmeyer writes in GCN.com:

Air-traffic control systems operated by the Federal Aviation Administration contain significant cybersecurity weaknesses and are vulnerable to attack, according to a recent report [.pdf] from the Government Accountability Office.

In the report, GAO concluded that the agency has not completely implemented information security programs that protect its systems from cyberattack.

“FAA has made progress in implementing information security for its air traffic control systems by establishing an agencywide information security program and addressing many of its previously identified security weaknesses; however, it still has significant weaknesses that threaten the integrity, confidentiality and availability of its systems—including weaknesses in controls that are designed to prevent, limit and detect access to those systems,” the report said.

FAA officials admit the weaknesses exist, but contend that because parts of their systems are custom-built with older equipment, special-purpose operating systems and proprietary communication interfaces, chances for unauthorized access are limited, according to the report.

0 Comments:

Post a Comment

<< Home