What Happens When The TSA Fails At Cybersecurity?
Gareth Andrews / 8 years ago
Every week we publish more and more news about companies and groups that are attacked in the battleground that is digital security. Sometimes it’s a large corporation such as TalkTalk who provide internet access to thousands while other times it could be a bank or a group of banks. With a recent study showing that high ups in companies don’t consider cyber security anything but an IT problem, it appears most worrying when those in the security industry such as the TSA are the ones leaving us open to attacks in the digital battleground.
This troubling news comes after five years of audits from the Department of Homeland security against the organisation responsible for protecting the people who travel around America. The final report in a long list of audits shows that not only are the problems built into the very software and hardware they use but also how they go about operating the machines or in some cases, ignore standard security process.
The audit lists a long range of concerns, but we will some up just some of them here. Firstly there is the fact that some of the software used has known vulnerabilities, with patches available but never applied. While this seems bad it gets even more worrying when you look at the physical security issues the TSA exposed over the years. Firstly non-TSA airport staff were allowed access to their systems while if there ever was a problem there is the small issue of there being no reporting structure, find a problem and just tell your boss.
Amongst the overheated servers and computer running “unsupported systems”, the lack of a disaster recovery centre means that the TSA could suffer any number of problems, both physically or from the 12, 282 high server vulnerabilities that put everyone in danger.