fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Boeing 747s Still Get Critical Updates Via Floppy Disks

Boeing 747s Still Get Critical Updates Via Floppy Disks

British Airways Retires 747 Fleet

Boeing’s 747-400 aircraft, first introduced in 1988, is still receiving critical software updates through 3.5-inch floppy disks. The Register reports that security researchers at Pen Test Partners recently got access to a British Airways 747, after the airline decided to retire its fleet following a plummet in travel during the coronavirus pandemic. The team was able to inspect the full avionics bay beneath the passenger deck, with its data center-like racks of modular black boxes that perform different functions for the plane.

Pen Test Partners discovered a 3.5-inch floppy disk drive in the cockpit, which is used to load important navigation databases. It’s a database that has to be updated every 28 days, and an engineer visits each month with the latest updates.

While it might sound surprising that 3.5-inch floppy disks are still in use on airplanes today, many of Boeing’s 737s have also been using floppy disks to load avionics software for years. The databases housed on these floppy discs are increasingly getting bigger, according to a 2015 report from Aviation Today. Some airlines have been moving away from the use of floppy discs, but others are stuck with engineers visiting each month to sit and load eight floppies with updates to airports, flight paths, runways, and more.

The 10-minute video tour of the 747 (above) is a fascinating insight into the parts of the plane you never get to see, particularly on a decades-old airliner. The tour is part of this year’s virtual Def Con conference, the US’ largest hacker conference. As modern planes rely upon ever more sophisticated technology, security researchers are increasingly interested in how planes prevent passengers from interfering with flights.

Boeing’s 747 floppy disk drive.

Security is particularly relevant when it comes to in-flight entertainment systems. A cybersecurity professor discovered a buffer overflow exploit onboard a British Airways flight last year. The professor was able to use a USB mouse to input long strings of text into an in-flight chat app, crashing the entire in-flight entertainment system for his seat. Security researchers are still hunting for vulnerabilities that would allow them to communicate with flight systems from publicly accessible parts of planes.

Also read: 5 Simple Ways On How To Delete Security Camera Footage

A focus on security is even more important on the latest aircraft. Modern planes like Boeing’s 777X and 787 use fiber networks, where all the avionics plug into this network and are controlled by a pair of computers that run flight critical software. It’s more of a traditional network like you’d find inside an office building, and some of the latest airliners even receive software updates over the air. The software that powers modern aircraft isn’t always reliable, though. Boeing only just resumed production of its troubled 737 Max airplane after software glitches led to two fatal crashes that killed a total of 346 passengers and crew members.

Despite modern technology being available, it hasn’t stopped floppy disks from persisting in other industries. The US Defense Department only ended the use of 8-inch floppy disks for coordinating the country’s nuclear forces in October, and the International Space Station is full of floppy disks.

Also read: 9 Policies For Security Procedures Examples

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us