T'way and Eastar Sites Accessible
Login Pages Open to Outsiders
Asiana Intranet Hacked
Personal Data Leaked from Korean Air
Global Hackers Eye Airlines
FBI: "Entire Aviation Ecosystem at Risk"
It has been confirmed that even the internal intranet homepages of some domestic low-cost carriers (LCCs) are easily accessible to the general public. This poses a significant hacking risk, as leaked personal information could be combined to attempt logins to employee-only homepages. Despite the recent hacking incident involving the Asiana Airlines intranet, there are concerns that the airline industry’s response efforts remain insufficient. Even Korean Air, the country’s largest airline, cannot rest easy due to hacking incidents affecting its partner companies.
On December 29, The Asia Business Daily found that by adding 'gw' (an abbreviation for groupware) in front of the official website addresses of major airlines, it was possible to access the internal intranet homepages of T'way Air and Eastar Jet. Each site displayed a login window along with the company slogans "T'way to Europe" and "Travel Made Easy," respectively. Although actual login was not possible without an ID and password, there were no measures to restrict login attempts for a certain period or block internet protocol (IP) addresses, even after more than ten failed login attempts with arbitrary IDs and passwords.
Experts point out that the mere fact that outsiders can easily access internal intranet pages is a problem. A data privacy officer with 15 years of experience, who requested anonymity, stated, "In general, to guard against hacking, business system addresses are configured so that outsiders cannot guess them," adding, "For convenience, attaching 'gw' to create a corporate intranet and neglecting attack surface management (vulnerabilities that external attackers can exploit) reflect poor security awareness."
Experts warn that if intranet addresses are exposed, they could fall victim to so-called "credential stuffing" attacks. This is a hacking method in which login information leaked from other sites is randomly input into the target site. Since personal information has already been leaked through hacking, the probability of logging into the intranet increases accordingly. In the case of airlines, they handle not only basic personal information such as names, contact details, and resident registration numbers, but also sensitive data like passport numbers, medical information, and immigration records, making them a frequent target for hackers worldwide.
Hwang Seokjin, a professor at the Graduate School of International Information Security at Dongguk University, said, "Since many people use the same ID and password across multiple sites, if login credentials are leaked from a less secure site, there is a risk that the internal intranet could also be hacked. For airlines, a variety of data, including customer information, can be uploaded to the internal intranet, making it a likely target for hackers."
Regarding access to its intranet homepage, Eastar Jet explained, "When logging into the groupware, we operate a system that checks individual access records and can respond quickly in the event of abnormal access."
Personal information leaks from airlines are an ongoing issue. Following the hacking of Asiana Airlines' internal intranet, which resulted in the leakage of personal information of around 10,000 employees and partner company staff, including call center workers, it was reported on December 29 that KC&D Service, an in-flight catering partner of Korean Air, was also hacked, leading to the exposure of about 30,000 Korean Air employees' personal data.
There have also been significant airline hacking incidents overseas. In June, Canadian airline WestJet suffered a breach of its internal systems, causing its website and application services to be suspended, and in the same month, a hacking incident at Hawaiian Airlines in the United States caused disruptions to some IT systems. In July, a hack at Qantas Airways in Australia exposed the names, emails, phone numbers, dates of birth, and mileage numbers of six million passengers. In August, Air France-KLM Group suffered a data breach, and in October, Vietnam Airlines experienced a personal information leak.
With hacking attacks on airlines continuing throughout the year, the U.S. Federal Bureau of Investigation (FBI) warned on its official X (formerly Twitter) account in June that "hackers target airlines and IT service providers, and everyone in the airline ecosystem, including vendors and partners, could be at risk."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
