Hackers can buy access to a major airport’s security systems for just $10
Posted: 17 July 2018 | International Airport Review | No comments yet
The research team found the option to buy the remote desktop access on a Russian site.
HONEY POT: Airports are a popular target for hackers
Hackers can buy their way into the security and building automation system of a major international airport for just $10, researchers have discovered.
McAfee’s Advanced Threat Research team came across the deal whilst trawling darkweb market places. Though the antivirus software firm did not identify the airport in question, the discovery prompts questions about the ease with which would-be hackers can gain access to airport IT systems.
The underground online shops sold remote desktop protocol (RDP) access to hacked machines. RDP was developed by Microsoft and gives administrators a way in to their or a client’s computer from a separate location, but also serve as a port through which hackers can do the same.
According to McAfee, by accessing a system via RDP, attackers can obtain almost all data stored on a system.
In its investigation the team came across access to a Windows Server 2008 R2 Standard computer on April 16 in a Russian RDP shop. After tracking the IP address, it found the machine belonged to a major American international airport.
McAfee’s blog post following the discovery continued: “There are three user accounts available on this system, one of which is the administrator account.
“The names of the other accounts seemed unimportant at first but after performing several open-source searches we found that the accounts were associated with two companies specialising in airport security; one in security and building automation, the other in camera surveillance and video analytics.
“We did not explore the full level of access of these accounts, but a compromise could offer a great foothold and lateral movement through the network using tools such as Mimikatz.”
The team concluded the domain was most likely associated with the airport’s mass transit system. “It is troublesome that a system with such a significant public impact might be openly accessible from the Internet,” the blog writer, John Fokker continued.
“Now we know that attackers, like the SamSam group, can indeed use an RDP shop to gain access to a potential high-value ransomware victim. We found that access to a system associated with a major international airport can be bought for only $10—with no zero-day exploit, elaborate phishing campaign, or watering hole attack.”
AI in Action: Enhancing Ground Operations at Frankfurt Airport
30 Sept 2025 | 11:00 AM BST | FREE Virtual Panel Discussion
Airports face mounting pressure as passenger volumes grow and turnaround windows tighten. But what if you could see your ground operations in real time, and predict issues before they occur?
Join us for a high-impact virtual panel featuring Frankfurt Airport, FraAlliance, and zeroG – Lufthansa Group’s AI powerhouse, as we explore how AI and computer vision are reshaping airside efficiency, safety, and collaboration.
Meet the experts:
- Pascal Schimanski, Project Lead – Digitalisation, FraPort
- Pauline Nolte, Project Director Strategy & Consulting, FraAlliance
- Christian Ritter, Head of Product & Principal Data Scientist, zeroG
- Moderated by Francesca Vetter, Head of Marketing, zeroG
Register now to ask your questions live and take away practical, proven insights on applying AI at scale in your airport – Register Now – It’s Free!
Related topics
Cyber-security, Information technology (IT), Security, Terminal operations
Chief Executive Officer
CEO
Chief Operating Officer
Head of Operations, Safety and Emergency
Chief Strategy Development Officer
Head of Operations
Airport General Manager
CEO
Chief Executive Officer