Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Heathrow Security Scare

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Heathrow Security Scare
Date: Fri, 3 Dec 2004 03:40:22 -0600 (CST) 
Forwarded from: William Knowles <wk@c4i.org>

http://www.sky.com/skynews/article/0,,30000-1162666,00.html

December 03, 2004

Sky News has uncovered major security lapses at Heathrow airport after
an undercover reporter repeatedly gained access to restricted areas.

Airport offices and out-of-bounds airside areas were easily breached,
forcing bosses to review procedures.

An undercover Sky News reporter highlighted how easy it was to walk
into British Airways offices containing confidential security
documents.

He also managed to walk by passenger planes just hours before they
were due to take off.

BA has launched an investigation following the report, while the
British Airports Authority (BAA), owner of Heathrow, admitted "there
was room for improvement".

The reporter returned to the airport on a number of occasions at night
and carrying only a broom managed to escape the attention of security.

Only once was he challenged, but even then staff did not ask for
security credentials and he was allowed to carry on.

He found a BA office unlocked and inside key manuals detailing the
airline's security procedures.

It detailed how staff are supposed to respond to bomb threats, how
they are vetted before joining, and procedures for negotiating with
hijackers.

On another occasion the reporter broke through what should have been a
watertight cordon keeping the public away from restricted areas of the
airport. From the public viewing platform on top of Terminal 2 he
found a gap in razorwire and slipped through.

Once down on to the ground, he walked for 15 minutes unchecked and
unnoticed around airliners that later would be filled with passengers.

A BAA spokesman said: "Safety and security are the top priorities at
Heathrow.

"We are constantly seeking ways to maintain an effective barrier 
between the landside and airside parts of the airport, and to remain 
alert to any potential vulnerabilities.

"On the basis of the information provided by Sky News, it would appear 
that there is room for improvement in this particular area of the 
airport and we have already taken steps to address that."

And BA also said it would take action.

A statement said: "Safety and security are always our top priorities 
and we are extremely concerned to hear that an undercover reporter has 
taken some documents and a high visibility vest from one of our 
landside offices within Terminal 1 at London Heathrow.

"We have launched our own immediate investigation into the allegations 
made against the airline to ensure that appropriate action is taken to 
avoid this happening again." 


 
*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
----------------------------------------------------------------
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - 
http://www.osvdb.org/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Heathrow Security Scare, InfoSec News <=
Previous by Date:  [ISN] Secunia Weekly Summary - Issue: 2004-49, InfoSec News
Next by Date:  [ISN] Antispam screensaver downs two sites in China, InfoSec News
Previous by Thread:  [ISN] Secunia Weekly Summary - Issue: 2004-49, InfoSec News
Next by Thread:  [ISN] Antispam screensaver downs two sites in China, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]