Smart Airports, Dumb Planes and Holiday Travel Travails



It’s the holidays and you might have a looming travel experience that you are understandably dreading. With thousands of people frantically making their way back to their families, in today’s airports you could miss a flight or even lose your child at O’Hare International only to have them board a flight to New York instead of Miami. 

The European Union Agency for Network and Information Security (ENISA) has a holiday present to make sure that future holiday travel is more pleasant. In the form of a new report.

ENISA offers a series of security tips to European airports that are trying to get smarter by adding connected devices to make them more efficient and easier to navigate for consumers.

ENISA considers airports that integrate internet of things (IoT) components onto present airports to be “smart.” Some examples of smart capabilities include: automatic check-in, baggage and travel document check and automated border control.

It comes as no surprise that the introduction of a large number of IoT devices to any environment create a huge cybersecurity challenge. ENISA is pushing airports to prioritize cybersecurity as they become more connected by allocating enough resources and experts, and constantly revising cybersecurity policies to keep up with best practices.

“Integrating IoT on the existing airport infrastructure bring new security challenges,” Udo Helmbretch, ENISA’s executive director, said. “To ensure safety, operators need to incorporate cybersecurity in all stages of the security life cycle.”

While airports are getting some lessons in getting smarter, airplanes seem determined to remain dumb. Seattle-based cybersecurity company IOActive Inc. says that Panasonic still hasn’t addressed a vulnerability that IOActive discovered in their entertainment systems and told them about in 2015. The entertainment systems are used in many major airlines such as American Airlines Group Inc. and United Airlines Inc. IOActive claims that these vulnerabilities give hackers access to passengers’ in-flight displays, and possibly credit card systems.

Panasonic has denied that the IOActive findings amount to anything, saying it’s untrue that credit card information could be vulnerable, but not addressing more benign access, such as to flight tracker screens or crew applications that control lighting and the in-flight speaker system.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.