View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 10, 2015

Hacker breaches Norwich Airport website in two minute attack

News: WhiteHat Security's Jeremiah Grossman says there is little excuse to leaving your brand unprotected.

By Ellie Burns

A hacker going by the pseudonym of His Royal Gingerness (HRG) has reportedly breached Norwich International Airport’s passenger website, bragging to the BBC that he attacked the system to highlight the website’s ‘vulnerability.’

HRG told the BBC that the motivation behind the attack was the airport’s lax website security, having known of someone who planned to plant a bomb hoax in the airport’s system over Christmas. HRG said that he was able to prevent that attack from playing out.

Wishing not to be named for fear of persecution, HRG said to the BBC:

"I found I could do it and then contacted the airport to let them know," he said.

"It took me between two to three minutes to do this. I do this mostly to see what vulnerability there are in modern systems."

Norwich International Airport was quick to state that the hack had not impacted physical security and airport operations, further promising a more robust and secure replacement website in the coming weeks.

Jeremiah Grossman, Founder of WhiteHat Security, was quick to criticise the airport. He said:

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

"Not every website is as important as the next. Not every hacked website can be used to establish a foothold on the network to pivot to something that’s truly vital, and not every web hacked website falls under breach reporting regulations.

"Here’s the thing though, the public doesn’t know that — and they have no way of knowing that — which is crucial to appreciate. Imagine if the ‘official’ airport website is hacked and easily defaced with something designed specifically to cause public concern, or worse – panic. Or what if the site started delivering malware to visitors.

"Just because the site doesn’t store confidential information, it doesn’t mean its security can be ignored. There is little excuse for leaving your organisational brand unprotected, where someone can hack the underlying system within a few minutes of effort.

"Norwich International is hardly alone when it comes to incredibly common website security problems, but it’s 2015, and it’s time everyone did better."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.