When you think of airport security, baggage screening, TSA checkpoints, and surveillance cameras likely come to mind. But what about cyber-security?
With time to spare at the airport, most fliers are quick to take advantage of free public WiFi networks, without thinking twice. However, according to a new report by cloud security company Coronet, consumers would be wise to consider the risks these public networks pose before cracking open their laptop.
Photo by Yeray Sánchez on Unsplash
Coronet recently released Attention All Passengers: Airport Networks Are Putting Your Devices & Cloud Apps at Severe Risk, a first-of-its-kind data report identifying San Diego International Airport, John Wayne Airport-Orange County International Airport and Houston’s William P. Hobby International Airport as America’s most cyber insecure airports.
The convenience of these easy ways to connect to the internet is often masked by the fact that many airport public networks are unencrypted, insecure or improperly configured.
To rank airports by their threat level, Coronet looked at data from the 45 busiest American airports over five months at the beginning of the year. Then, it assigned each airport a threat index score based on the vulnerability of devices and risk of networks used. Based on the analysis, Coronet classifies any score above 6.5 as unacceptable exposure.
Here are the top 10 most and least vulnerable airports:
Image provided by Coronet
Image provided by Coronet
According to the report, the most troublesome issues found at airports included malicious WiFi networks designed to appear legitimate. An attacker on a Wi-Fi network named “SouthwestWiFi”
performed an attack on SSL/HTTPS traffic at the Houston William Hobby International Airport. An Evil Twin WiFi access point with the name ‘#SANfreewifi’ was used at the San Diego international airport, running an ARP Poisoning attack.
“Far too many U.S. airports have sacrificed the security of their Wi-Fi networks for consumer convenience,” says Dror Liwer, Coronet’s founder and CISO. “As a result, business travelers in particular put not just their devices, but their company’s entire digital infrastructure at risk every time they connect to WiFi that is unencrypted, unsecured or improperly configured. Until such time when airports take responsibility and improve their cybersecurity posture, the accountability is on each individual flyer to be aware of the risks and take the appropriate steps to minimize the danger.”
The complete report, which ranks the 45 busiest airports in the U.S., is available here.
Breadcrumb is a cybersecurity and executive advisory firm. Located in Central California, we partner with organizations throughout the US, protecting their critical assets from cyber breach. Contact us today for a no-obligation consultation.