America's air traffic control systems are in serious danger of computer hacker attacks, and the Government Accountability Office (GAO) warns that unless steps are taken to correct the problems, all a terrorist might need to do to destroy one, or many airplanes is flip open his laptop.
In a 42-page report titled, "Information Security: FAA Needs to Address Weaknesses in Air Traffic Control Systems," the GAO has listed 17 public steps and 168 classified steps the Federal Aviation Administration (FAA) must make in order to ensure the safety of air travel systems,
CNN reports.
The GAO commented that problems with FAA's cybersecurity are "threatening the agency's ability to ensure the safe and uninterrupted operation of the national airspace system."
The GAO, while noting that FAA has taken steps to tighten up security in its computer systems, states that the efforts have not been enough, and problems still exist.
"These include weaknesses in controls intended to prevent, limit, and detect unauthorized access to computer resources, such as controls for protecting system boundaries, identifying and authenticating users, authorizing users to access systems, encrypting sensitive data and auditing and monitoring activity on FAA's systems,"
the GAO report states.
The New York Post, noting that the Department of Transportation has admitted that hackers wormed their way into records of 48,000 FAA workers, "interfered with domestic air-traffic control and installed fake codes on their networks," and that the agency is "ill-equipped to fight back," commented, "The next attempt to bring down an airliner probably won’t involve a suicide bomber. Why bother when terrorists can bring one or more planes down with a keystroke?
The GAO report warns, "These shortcomings put [airspace] systems at increased and unnecessary risk of unauthorized access, use, or modification that could disrupt air traffic control operations."
Under the Federal Information Security Management Act of 2002, federal agencies are required to establish a computer security program. However, the GAO found, "FAA's implementation of its security program was incomplete. For example, it did not always sufficiently test security controls to determine that they were operating as intended; resolve identified security weaknesses in a timely fashion or complete or adequately test plans for restoring system operations in the event of a disruption or disaster."
While the FAA has established a Cyber Security Steering Committee, the GAO reports, "The weaknesses in FAA's security controls and implementation of its security program existed, in part, because FAA had not fully established an integrated, organization-wide approach to managing information security risk that is aligned with its mission."
This, the GAO notes, results in "placing the safe and uninterrupted operation of the nation's air traffic control system at increased and unnecessary risk."
Keith Washington, the FAA's acting assistant secretary for administration, told CNN, "The agency is fully cognizant of the vital requirement to secure the National Airspace System cyber environment as part of the nation's critical infrastructure."
Related Stories:
© 2025 Newsmax. All rights reserved.