While the Federal Aviation Administration (FAA) has taken steps to protect its air
traffic control systems from cyber-based and other threats, significant security
control weaknesses remain, threatening the agency’s ability to ensure the safe
and uninterrupted operation of the national airspace system (NAS). These
include weaknesses in controls intended to prevent, limit, and detect
unauthorized access to computer resources, such as controls for protecting
system boundaries, identifying and authenticating users, authorizing users to
access systems, encrypting sensitive data, and auditing and monitoring activity
on FAA’s systems. Additionally, shortcomings in boundary protection controls
between less-secure systems and the operational NAS environment increase the
risk from these weaknesses.
more here.....http://www.gao.gov/assets/670/668169.pdf
traffic control systems from cyber-based and other threats, significant security
control weaknesses remain, threatening the agency’s ability to ensure the safe
and uninterrupted operation of the national airspace system (NAS). These
include weaknesses in controls intended to prevent, limit, and detect
unauthorized access to computer resources, such as controls for protecting
system boundaries, identifying and authenticating users, authorizing users to
access systems, encrypting sensitive data, and auditing and monitoring activity
on FAA’s systems. Additionally, shortcomings in boundary protection controls
between less-secure systems and the operational NAS environment increase the
risk from these weaknesses.
more here.....http://www.gao.gov/assets/670/668169.pdf