97 out of 100 of the world’s largest airports have security risks related to vulnerable web and mobile applications, misconfigured public cloud, Dark Web exposure or code repositories leaks, according to a new report by Switzerland-based web security company ImmuniWeb.
The report is based on ImmuniWeb’s analysis of cybersecurity, compliance and privacy of 100 of the world’s largest airports.
During the research, ImmuniWeb identified three international airports that successfully passed all of its tests without a single major issue being detected: Amsterdam Airport Schiphol in the Netherlands; Helsinki-Vantaa Airport in Finland; and Ireland’s Dublin Airport.
Out of the 100 websites tested only 55 out of the 100 websites are running web application firewall software.The research team found that 66 of the top 100 airports were exposed on the Dark Web in one way or another.
For the 36 mobile apps belonging to the airports that researchers tested, 530 security and privacy issues were identified including 288 mobile security flaws(15 per application on average). Nearly 34% of the mobile apps’ outgoing traffic has no encryption.
“Given how many people and organizations entrust their data and lives to international airports every day, these findings are quite alarming…
“Cybercriminals may well consider attacking the unwitting air hubs to conduct chain attacks of the travelers or cargo traffic, as well as aiming attacks at the airports directly to disrupt critical national infrastructure.”