Planes, gates, and bags: How hackers can hijack your local airport
New research by Pen Test Partners sheds light on the many ways airport security systems can be compromised by hackers. Potential avenues for attack include:
- Crew passes: threat actors can use various techniques to steal or copy RF cards that provide airport personnel with access to restricted areas.
- Building management systems (BMS): Threat actors can exploit vulnerabilities in certain BMS in order to remotely exploit them, which would allow them to manage access control to airport facilities.
- Air-conditioning systems: air conditioning at airports is often remotely controlled by third parties, making it possible for hackers to breach those systems via a supply-chain attack.
- Check-in desks: Airport check-in desks often run third-party software that could be compromised via a supply-chain attack.