/cdn.vox-cdn.com/uploads/chorus_asset/file/23249791/VRG_ILLO_STK001_carlo_cadenas_cybersecurity_virus.jpg?w=1200&resize=1200,628&ssl=1 "Researchers discover bug allowing fake pilots to be added to TSA check rosters")
A pair of security researchers, Ian Carroll and Sam Curry, made a startling discovery regarding a vulnerability in the login systems used by the Transportation Security Administration (TSA) to verify airline crew members at airport security checkpoints. This bug allowed individuals with basic knowledge of SQL injection to manipulate the systems, potentially granting unauthorized access to airline rosters and security checkpoints, posing a serious threat to airline safety and security.
Carroll and Curry uncovered the vulnerability while investigating a third-party website belonging to FlyCASS, a vendor that provides access to the TSA’s Known Crewmember (KCM) and Cockpit Access Security System (CASS) for smaller airlines. By inserting a simple apostrophe into the username field, they triggered a MySQL error, indicating that the username was directly inserted into the login SQL query, making it susceptible to SQL injection attacks.
Upon further investigation, Carroll and Curry confirmed the presence of SQL injection and were able to exploit the vulnerability using tools like sqlmap. By inputting specific credentials, they managed to gain administrator access to the FlyCASS system, granting them unrestricted control over airline crew records and photos.
Once inside the system, Carroll noted that there were no additional security checks or authentication measures in place, allowing them to freely manipulate crew records and photos for any airline using FlyCASS. This posed a grave security risk, as unauthorized individuals could potentially exploit the vulnerability to gain access to secure airport areas, compromising airline safety protocols.
In response to these findings, TSA press secretary R. Carter Langston denied the severity of the issue, stating that the agency does not solely rely on the compromised database for flight crew authentication. Langston reassured the public that only verified crew members are granted access to secure airport areas, downplaying the potential risks associated with the vulnerability.
<DeFi Daily News> is your go-to source for the latest updates and trending news articles in the world of decentralized finance. Stay informed and stay ahead of the curve with DeFi Daily News!
In conclusion, the discovery of this vulnerability in the TSA’s login systems highlights the critical importance of robust cybersecurity measures in aviation and transportation industries. The ease with which Carroll and Curry were able to exploit the system underscores the need for continuous vigilance and proactive security protocols to safeguard sensitive data and infrastructure from potential threats. While the TSA’s response may downplay the severity of the issue, it serves as a stark reminder of the ever-evolving nature of cyber threats and the constant need for organizations to prioritize cybersecurity practices and risk mitigation strategies. By staying informed and adopting best practices in cybersecurity, we can help mitigate the risks posed by vulnerabilities like the one uncovered by Carroll and Curry, ensuring the safety and security of critical systems and services.
Source link
