1. Creating and Using an Airport Threats
Analysis Framework
Dr John McCarthy
ServiceTec Research Fellow
Cranfield University / UK Defence Academy

2. Creating an Airport Threat
Analysis Framework
Dr John McCarthy Ph.D. B.Sc. (hons) MBCS
Vice President of Cyber Security ServiceTec International
Inc./ServiceTec Research Fellow at Cranfield University / UK Defence
Academy

3. Partners
Cyber-Physical Systems Research Centre
based at Cranfield and sponsored by
ServiceTec
Centre for the Protection of National
Infrastructures
University of Nebraska
Federal Aviation Authority
Joint Information Operations Warfare
Centre, Vulnerability Assessment Branch
(JVAB) USA

4. What is it?
A means of measuring an airports
capability to resist and recover from
cyber-attack – on going research

5. The problem
There is no question that the whole
arena of cyber attacks, developing
technologies in the information area
represent potential battlefronts for the
future.
I have often said that there is a strong
likelihood that the next Pearl Harbor
that we confront could very well be a
cyber attack that cripples our power
systems, our grid, our security systems,
our financial systems, our governmental
systems
Defense Secretary Panetta 2011

6. The problem – Not just
standard ITSCADA systems
BYOD
Electronic boarding passes
Common Use IT systems with multiple
users on multiple machines
Social engineers to take advantage of
high staff turnover and a busy
environment to access IT systems

7. Shared Systems
CUPPS

8. The ProblemTo emphasize this, Bob Cheong, Chief Information
Security Officer of the Los Angeles Airport, report that a
variety of cyber-attacks in Los Angeles have occurred in
the last several years:
 there were over 6,400 attempts to hack into a new file
server two days after it was deployed;
 In a one-year period, nearly 59,000 Internet misuse
and abuse attempts were blocked;
 Finally, in that same one-year period, 2.9 million
hacking attempts were blocked

9. The problem – Not just
standard IT• To add to the problem cyber
security policies are deployed and
acted upon during ICT stasis. As
airports rapidly expand ICT
systems may be in a state of flux
• The earlier work by the authors
has shown that this is when they
are at their most vulnerable

10. Who is the enemy?
• Cyber terrorist
• Hacktivists
• Cyber criminals
• Organized crime
• Disgruntled
employees
• Kiddies
• Foreign
governments

11. Dom Nessi
In October of 2011,
Dom Nessi
delivered an
address to the
Airports Council
International of
North America
outlining the cyber
security threats
facing airports, the
potential vectors
that might be used
in an attack, and
tactics for securing
known

12. Dom Nessi
• Amongst Nessi’s threats were several
that were focused on external airport
operations, such as:
• external airport or airline websites
• concession point-of-sale
• credit card transaction information
• passenger’s wireless devices.

13. Dom Nessi
However, the overall impact of cyber-
attacks on systems external to airport
operations is small when compared to
attacks on systems required to perform
internal airport operations.
Nessi points out several potential
targets within this realm, including:
access control and perimeter intrusion
systems
eEnabled aircraft systems
radar systems

14. SCADA - Historical problems
Supervisory Control And Data Acquisition
(SCADA) systems act as the hidden
computer equipment behind large
infrastructures that are essential to
maintaining the quality of our life.
These infrastructures include electrical
power grids, water purification and delivery,
gas, and other utilities, as well as trains and
transportation systems.
Legacy SCADA systems, planned and
implemented possibly decades ago, were

15. Why is Security an issue for
SCADA?
The SCADA environment is
different:
 SCADA computations and logic have a direct affect on
the physical world
 Safety and efficiency sometimes conflict with security
in the design and operation of control systems
 Ordered list of security expectations from SCADA
1. availability
2. integrity
3. confidentiality

16. 16
The Empire State Building
and midtown New York City
are shown during the 2003
blackout. Photo)

17. SCADA Attacks
A water treatment plant near
Harrisburg, PA was attacked. The
hacker planted malicious software into
the control systems and could
potentially have altered or stopped the
operation of the treatment plant
The water treatment facility in
Queensland’s was accessed by a
disgruntled past employee named who
used a wireless connection into the

18. An Examination of a Major
Hub AirportExamining a major hub airport in
North America the critical driver for
increased security has been the
implementation of Payment Card
Industry (PCI) compliance regulations
for secure credit card transactions.
PCI has forced many airports to
upgrade and improve security
measures or face the loss of revenue

19. An Examination of a Major
Hub Airport• There was also a widely held belief that the SCADA systems in the airport
were isolated from the main IT backbone. Often the car parking and
baggage control systems were separated from the main IT network by
hardware firewalls.
• These firewalls were “assumed” secure by IT staff and it was often unclear
who had responsibly for the managing and configuration of these
firewalls.
• Additional services could be added to the network without all relevant IT
staff being aware of the changes.
• There appeared to be no overarching group or committee that had a
direct focus on cyber security measures.
• Security measures were left in multiple hands and ad hoc systems were
assumed isolated due to previous hardware and software configurations
without ongoing checks and testing.

20. Towards a Solution
Mainstream Cyber Security
measures are often focused on the
traditional elements of an IT network
and will therefore fall short of fully
understanding the cyber needs of an
airport
A more holistic approach is needed
that encompasses wider elements of
the airport’s infrastructure

21. Towards a Solution
Nessi’s assessment settles on four
components within an airport that are
vulnerable to cyber attack, each
“require a different approach to
security:
the network
the device
the application
and the back-end system

22. Towards a Solution
• “social engineering awareness”
campaigns educating staff on proper
use of software, hardware and
access points and potential exploits
that expose human error and
provide access to unauthorized
persons;
• performing penetration testing by
both those with internal access and

23. Towards a solution
Full inter agency dialogue
A no “blame culture” about cyber
attacks
Banishing the idea of “us and them”
Large airports are “safer”
Smaller ones can swim on there own
and are not as important
Every plane that takes off lands, all

24. Playing Dirty - A Red Team
Strike
• The red team’s job is
straightforward: seek and destroy. A
red teamer will use every tool
available to compromise a target
network and tear down a blue
team’s defenses, with the ultimate
goal of taking control of one or more
critical systems in order to spy,
sabotage, or destroy.

25. Heathrow Dependency
ModellingTo fully understand how all the
systems work together we need to
create a dependency model – what
happens when?
We are undertaking this research
with the Centre for the Protection of
National Infrastructures at Heathrow
Unless we fully understand how our

26. Risk Management really is a
matter of life or Death!
19/10/2011 26Bow Ties and Incidents

27. How to Manage my Risk?
I’ve done this often
before
Will my boss/shareholders support me if ..…?
I want to be safe
Is it different from usual?
save
timesave
££££
I like to do a good
job
be safe
I want the business to succeed
I am judged on….
Does doing this feel
right?
19/10/2011 27

28. Our aim from a traditional
military viewpoint

29. A Multi Agency Approach
• Many agencies and governments
favour a multi-lateral approach to
solving cyber security.
• Thus any analysis framework
must be undertaken from a multi-
agency perspective.
• To ignore this perspective may
allow cyber threats to go

30. How do we achieve this across
multiple agencies, disciplines
and even countries?
• Tough challenge
• Will we need a cyber Perl Harbor
before we react?
• Raised more questions than answers
• Would you like to get involved?

31. “
”
I have often said that there is a strong likelihood that
the next Pearl Harbor that we confront could very
well be a cyber attack that cripples our power
systems, our grid, our security systems, our financial
systems, our governmental systems
Defense Secretary Panetta 2011
Email: john.mccarthy@servicetec.com
www.airportcybersecurity.com
Airport Cyber Security Podcast