State of Cybersecurity at Top 100 Global Airports: 97 Have Security Vulnerabilities

A new report from ImmuniWeb found 97 out of 100 of the world’s largest airports have security risks related to vulnerable web and mobile applications, misconfigured public cloud, Dark Web exposure or code repositories leaks.

Main Website Security:

  • 97% of the websites contain outdated web software
  • 24% of the websites contain known and exploitable vulnerabilities
  • 76% and 73% of the websites are not compliant with GDPR and PCI DSS respectively
  • 24% of the websites have no SSL encryption or use obsolete SSLv3
  • 55% of the websites are protected by a WAF

Mobile Application Security:

  • 100% of the mobile apps contain at least 5 external software frameworks
  • 100% of the mobile apps contain at least 2 vulnerabilities
  • 15 security or privacy issues are detected per app on average
  • 33.7% of the mobile apps outgoing traffic has no encryption

Dark Web Exposure, Code Repositories and Cloud:

  • 66% of the airports are exposed on the Dark Web
  • 72 out of 325 exposures are of a critical or high risk indicating a serious breach
  • 87% of the airports have data leaks on public code repositories
  • 503 out of 3184 leaks are of a critical or high risk potentially enabling a breach
  • 3% of the airports have unprotected public cloud with sensitive data

Application weaknesses and software vulnerabilities continue to be the most common means by which cybercriminals carry out external attacks says Forrester in its recent research.

Regrettably, only 3 main (“www.”) websites of the airports received the best possible “A+” grade, 15 got an “A” grade.

Read the report at ImmuniWeb

(Visited 141 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Airport & Aviation Security

Go to Top
X
X