Tests included examining open sites, portable applications, and exposures of delicate air terminal information on open code vaults and the dim web. Only three of the world's Top 100 international airports pass basic security checks, according to a report published last week by cyber-security firm ImmuniWeb.
The three are the Amsterdam Schiphol Airport in the Netherlands, the Helsinki Vantaa Airport in Finland, and the Dublin International Airport in Ireland.
According to ImmuniWeb, these three "may serve a laudable example not just to the aviation industry but to all other industries as well."The three are the main air terminals that passed an extensive rundown of security tests that included checks of their open sites, official portable applications, and scans for breaks of touchy air terminal or traveller information in places like cloud administrations, open code vaults, or the dull web.
To be progressively explicit, ImmuniWeb checked for:
Appropriate usage of HTTPS
In the event that the air terminal's email server bolsters SPF, DKIM and DMARC
In the event that site content administration frameworks (CMSs) were approaching date adaptations or helpless parts
Consistency tests with PCI DSS, NIST, and HIPAA direction
On the off chance that the air terminal frameworks utilized a web application firewall (WAF)
Tests for basic mis-configuration in treat, header, and other security settings
On the off chance that portable applications utilized segments defenseless against known adventures
In the event that versatile applications depended on third-party programming libraries and systems
In the event that versatile applications utilized fundamental application security settings or in the event that they utilized perilous coding strategies
In the event that air terminal related information was accessible on open distributed storage administrations
On the off chance that air terminal related information was accessible on open code facilitating stores
On the off chance that air terminal related information was accessible on the dull web and other crook and hacking-related sites
The organization's expansive suite of security filters uncovered that 97% of the tried air terminals had issues with their digital security pose, and principally with their open sites.
No comments:
Post a Comment