Latest News

[GROW YOUR BRAND] International Airport Review’s Media Planner 2025: Get in Touch here!
LATEST REPORT – Smart Airports: From Curb to Runway – READ NOW
Shaping the Next Generation of Hold Baggage and Air Cargo Screening | 11 Dec | Save your place!
New eReport on security! Rethinking security for smart airports – Read now!
Enabling checkpoint flexibility with responsible open architecture | 25 Nov | Save your place!
Revolutionising India’s travel experience through the Digi Yatra biometric programme | 16 Dec | Webinar | Save your place!
news

Hackers can buy access to a major airport’s security systems for just $10

42
SHARES

The research team found the option to buy the remote desktop access on a Russian site.

HONEY POT: Airports are a popular target for hackers

Hackers can buy their way into the security and building automation system of a major international airport for just $10, researchers have discovered.

McAfee’s Advanced Threat Research team came across the deal whilst trawling darkweb market places. Though the antivirus software firm did not identify the airport in question, the discovery prompts questions about the ease with which would-be hackers can gain access to airport IT systems.

The underground online shops sold remote desktop protocol (RDP) access to hacked machines. RDP was developed by Microsoft and gives administrators a way in to their or a client’s computer from a separate location, but also serve as a port through which hackers can do the same.

Join us live: Shaping the Next Generation of Hold Baggage and Air Cargo Screening

Join us live for an insightful webinar on 11th December at 14:00 GMT, in collaboration with Smiths Detection, as we explore the strategic balance of operational efficiency, regulatory compliance, and sustainability in high-volume security environments.

This session offers a focused look into future-proofing your security strategy.

Key learning points

  • Cost Reduction: Strategies to minimize bag travel time while simultaneously reducing operational costs.
  • Regulatory Roadmap: Insights into the next wave of regulatory changes and their impact on future investment decisions.
  • Sustainable Systems: Practical approaches to building sustainability into security systems and lowering the total cost of ownership (TCO).
  • Scalable Solutions: Real-world examples of scalable systems supporting current airport growth and preparing for tomorrow.

Register now for expert insights, case studies, and actionable strategies on operational efficiency!

According to McAfee, by accessing a system via RDP, attackers can obtain almost all data stored on a system. 

In its investigation the team came across access to a Windows Server 2008 R2 Standard computer on April 16 in a Russian RDP shop. After tracking the IP address, it found the machine belonged to a major American international airport.

McAfee’s blog post following the discovery continued: “There are three user accounts available on this system, one of which is the administrator account.

“The names of the other accounts seemed unimportant at first but after performing several open-source searches we found that the accounts were associated with two companies specialising in airport security; one in security and building automation, the other in camera surveillance and video analytics.

“We did not explore the full level of access of these accounts, but a compromise could offer a great foothold and lateral movement through the network using tools such as Mimikatz.”

The team concluded the domain was most likely associated with the airport’s mass transit system. “It is troublesome that a system with such a significant public impact might be openly accessible from the Internet,” the blog writer, John Fokker continued.

“Now we know that attackers, like the SamSam group, can indeed use an RDP shop to gain access to a potential high-value ransomware victim. We found that access to a system associated with a major international airport can be bought for only $10—with no zero-day exploit, elaborate phishing campaign, or watering hole attack.”

 


SIGN ME UP

 

Stay Connected with International Airport Review — Subscribe for Free!

Get exclusive access to the latest airport and aviation industry insights from International Airport Review — tailored to your interests.

Expert-Led Webinars – Gain insights from global aviation leaders

Weekly News & Reports – Airport innovation, thought leadership, and industry trends

Exclusive Industry Insights – Discover cutting-edge technologies shaping the future of air travel

International Airport Summit – Join our flagship event to network with industry leaders and explore the latest advancements

Choose the updates that matter most to you.

Sign up now to stay informed, inspired, and connected — all for free!

Thank you for being part of our aviation community. Let’s keep shaping the future of airports together!

Related topics

, , ,

Related organisations

Related regions

Related people

Share via
Share via
Send this to a friend