Airport Security
January 14, 2010Working with the German public broadcaster, ARD, members of the hackers-turned-data protection group Chaos Computer Club have figured out how to remotely access data stored on key cards used by airport employees. Theoretically, terrorists could use such a breach to gain admittance to restricted areas of the airport.
"The system was relatively simple to crack. We were quite honestly shocked to find there were absolutely no obstacles that we had to overcome," said Chaos Computer Club member, Karsten Nohl.
The CCC hacked the Legic Prime entry system using a device that covertly read the identification cards of airport personnel and saved the data. According to the "Kontraste" show aired on Thursday, the system is used by Hamburg, Berlin-Tegel, Stuttgart, Dresden and Hannover airports.
At Hamburg airport, the hackers were able to get into the 'airside' area without detection. However, an airport spokeswoman told the program that employees normally are required to show their ID and go through a security inspection before entering the restricted areas.
Stuttgart airport officials said their multi-level security system would prevent breaches like the one that occurred in Hamburg because they did not store any data on the employee ID cards.
An interior ministry spokesman told the news magazine that they had asked for a meeting with the airport operators to review security procedures. The head of the German Police Officers' Union, Rainer Wendt, said the old system should be removed immediately and replaced with more up-to-date technology.
"The security department should immediately be put under the supervision of the national police so that the airport operators can no longer just carelessly do whatever they want," Wendt said.
svs/ARD
Editor: Tony Dunham