Only 3 of the Top 100 International Airports Meet Basic Cybersecurity Requirements

100 international airports were tested for checking if they meet the basic cybersecurity requirements

In recent research, the world’s top 100 international airports were tested for checking if they meet the basic cybersecurity requirements. The tests include checks of their public websites, official mobile applications, and searches for leaks of the sensitive airport or passenger data in places like cloud services, public code repositories, or the dark web. The test results revealed that only 3 airports passed the basic cybersecurity check, which are:

  • Amsterdam Schiphol Airport in the Netherlands
  • Helsinki Vantaa Airport in Finland
  • Dublin International Airport in Ireland

According to researchers, these three airports “may serve a laudable example not just to the aviation industry but to all other industries as well.” In addition, the research shows that 97% of the tested airports had problems with their cyber-security posture, and primarily with their public websites. With these issues, it could be credibly exploited to attack an airport authority, obtain a foothold on vulnerable systems, and then infiltrate an airport’s internal network. Such attacks aiming at airports have happened in the past few years. Since airports now have been recognized as a nation-state actors that involve political tensions, cyberattacks against airport systems may be considered a possible response in the case of an escalation between two countries.

Below are past notable cybersecurity incidents involving airport systems and authorities:

  • Russian state-sponsored hackers tried to sabotage Boryspil, Ukraine’s largest airport
  • A 14-year-old tried to hack the Brussels international airport after an ISIS terror attack
  • WiFi services at the Atlanta international airport went down in March 2018 following a cyber-attack
  • London’s Heathrow Airport was fined £120,000 by the Information Commissioner’s Office (ICO) for failing to secure sensitive data
  • More than 50% of all computing systems at an unnamed European international airport were recently found to be infected with a Monero crypto-mining malware
  • Albany airport authority suffered a ransomware attack



Contact LIFARS and See If Your Organization

Passes the Cybersecurity Checks