According to a recent report by cybersecurity firm ImmuniWeb, only three of the world’s Top 100 international airports pass basic security checks. The security check involved checks of airports’ public websites, official mobile applications, and searches for leaks of sensitive airport or passenger data in places like public code repositories, cloud services, and the dark web. Overall, 97 percent of the websites ImmuniWeb checked contain outdated web software, and 24 percent contain known and exploitable vulnerabilities. Among the mobile apps it examined, ImmuniWeb detected an average of 15 security or privacy issues per app and found that 33.7 percent of the mobile apps’ outgoing traffic had no encryption. Sixty-six percent of the airports examined are exposed on the Dark Web, and 72 out of 325 exposures are critical or high risk, indicating a serious breach. Eighty-seven percent of the airports have data leaks on public code repositories, and 503 of those 3184 leaks are of critical or high risk. The three airports that passed the check are the Amsterdam Schiphol Airport in the Netherlands, the Helsinki Vantaa Airport in Finland, and the Dublin International Airport in Ireland.
From “Only Three of the Top 100 International Airports Pass Basic Security Checks”
ZDNet (02/03/20) Cimpanu, Catalin