New research by Pen Test Partners sheds light on the many ways airport security systems can be compromised by hackers. Potential avenues for attack include:
- Crew passes: threat actors can use various techniques to steal or copy RF cards that provide airport personnel with access to restricted areas.
- Building management systems (BMS): Threat actors can exploit vulnerabilities in certain BMS in order to remotely exploit them, which would allow them to manage access control to airport facilities.
- Air-conditioning systems: air conditioning at airports is often remotely controlled by third parties, making it possible for hackers to breach those systems via a supply-chain attack.
- Check-in desks: Airport check-in desks often run third-party software that could be compromised via a supply-chain attack.
Read more: Planes, gates, and bags: How hackers can hijack your local airport