Boeing's Poor Information Security Posture Threatens Passenger Safety, National Security, Researcher Says
The aircraft maker failed to perform minimum due diligence in securing its networks, then tried to cover it up, security researcher Chris Kubecka tells Aviation Cyber Security conference attendees.
Click Like to Follow Fliegerfaust Facebook page to get the News ASAP / Share to share this post now.
November 11, 2019 - by J.M. Porup for csoonline.com
- Boeing, through back channels at DEF CON, threatened her with legal action and a public relations smear campaign to prevent her from going public.
Boeing's poor information security practices threaten aviation safety and national security, security researcher Chris Kubecka told an audience at the Aviation Cyber Security conference in London today (November 5).
Boeing test development networks are publicly exposed to the internet, Kubecka said, and at least one of Boeing's email servers is infected with multiple strains of malware.
Kubecka believes that the infected email servers are being used to exfiltrate sensitive intellectual property including code used in both civilian passenger aircraft as well as aircraft Boeing sells to the US military.
Kubecka, a well-respected security researcher, critical infrastructure expert, and Air Force veteran, tells CSO she has struggled to report what she calls blatant, easily fixable security issues for more than six months.
She also alleges that Boeing, through back channels at DEF CON, threatened her with legal action and a public relations smear campaign to prevent her from going public.
- Did you see this? Video: Boeing's Reaction on Delta Ordering A220 ... ›
- Boeing 737 MAX 8 - Trying To Do New With Old... - The Makeshift ... ›
- It's not just the 737 Max. At a Boeing Dreamliner factory workers say ... ›
- Airbus New A220-500 is the Boeing 737 MAX Killer? - FliegerFaust ›
- NEWS: Boeing Sees Profit Slashed By 50% - And Added More ... ›