When most people consider the implications of airport security breaches, they think of blasts like bombings or hijackings that leave massive casualties in their wake. But physical and cybersecurity breaches at airports can also have less dramatic, but more far-reaching consequences. Security incidents can cause everything from delays and inconvenience to financial losses for airports, passengers and airlines alike.
The following are four ways security breaches can impact passengers and airports:
Both physical security and cybersecurity events have caused operational delays and inconvenience to travelers worldwide. For example, in December of 2018, unauthorized drone flying crippled London’s Gatwick airport for three days before Christmas, causing roughly 1,000 flights to be cancelled or diverted, and wrecking the travel plans for about 150,000 passengers1.
On the cybersecurity front, a distributed denial of service (DDoS) cyberattack against Polish flagship carrier LOT overloaded the organization’s IT systems, grounding more than 1,400 passengers for roughly five hours in June of 2015 at Warsaw’s Frederic Chopin Airport2. A ransomware attack, in which hackers blocked access to select IT systems and demanded ransom payments, blacked out flight information screens at the Bristol Airport in the UK in September of 2018, causing confusion and inconvenience3.
When criminals access sensitive data about airports and their security measures, they can use that information to pick holes in airport security, save time in planning an attack, and more easily avoid detection.
That kind of information could have made its way into criminal hands when a memory stick crammed with confidential information about Heathrow Airport was found on the street in October of 2017. The data included everything from the exact route the Queen takes when using the airport and security measures used to protect her to a timetable of patrols used to guard the airport against suicide bombers and terror attacks4. In December of 2017, a skilled hacker in Vietnam stole sensitive security details and building plans from Perth Airport in Australia after breaking into its computer systems5.
The aviation sector is a prime target for breaches of passenger data, which includes personal and financial data. For example, a breach at Cathay Pacific, the Hong-Kong based international airline, compromised 9.4 million passenger records in October of 20186. Not only do airline databases contain credit card numbers that can be used for financial gain, they also store passport information not available elsewhere that can aid fraudsters in phishing attacks and identity theft.
All security breaches cause bad publicity. Many also lead to heavy fines and even prosecution. In October of 2018, Heathrow Airport was fined £120,000 by regulators after losing a USB stick containing more than 1,000 confidential passenger records7. In Cleveland, Ohio, two top city officials faced fines of $3,900-$7,800 or prosecution for their roles in a security breach at Cleveland Hopkins International Airport8. The breach, which occurred in October of 2018, involved bypassing a TSA checkpoint to access restricted areas of the airport.
Security breaches have far-reaching ramifications that go far beyond the airport boundaries. Beyond high profile attacks that cause loss of life, physical and cyberattacks can cause everything from delays and inconvenience to financial losses and even prosecution for passengers and airports alike. Learn how to secure your airports from the physical and cyber threats of today. Visit www.unisys.com/smartsecureairports/