"In fact, all machines are delivered to airports with [save] functions disabled," says the US Transport Security Administration, which has rolled out the machines to 19 airports.
But this might not be enough.
"If the computer is compromised, [the hacker] could install a trojan on the machine, which can capture a video of what the operator is looking at, and record it," Mr Miller said.
These hacker attacks would rely on the x-ray machine being plugged into the airport's computer network, and so connected to the outside world.
The Office of Transport Security has been asked whether x-ray scanning - if implemented in Australia - would involve the networking of x-ray equipment. A response is pending.
In recent days, the office has said it is waiting on results from a 2008 trial - in Sydney, Melbourne and Adelaide - before deciding how or when to implement screening locally.
Another, albeit less likely, way that scanned images could get out was the capture of x-rays, Mr Watt said.
"If it's emitting an electric signal, you can capture those signals but you'll need some application to interface with it [and unscramble it to re-create the image]," he said.
He cited a device that could re-generate the image on a computer screen based on the gamma rays the monitor emitted as an example of technology that could be developed for this purpose.
"So I'd say someone with the right knowledge and 2-3 hours could do it."
On 702 ABC radio yesterday, Crikey aviation writer Ben Sandilands also raised concerns that x-ray machines used the same radio frequency as wifi. This meant a hacker could use a wifi-enabled PC to hack into the machines and access scanned images.
Mr Miller believed this was unlikely, as x-rays and wifi were distinctly different protocols.
In any case, while it was more dramatic to think of hackers using wizardry breaking into a network, it was usually human slip-ups that opened the door, Mr Miller's CEO Robert McAdam said.
"You don't have to do it as a full frontal attack, rather focus on some weaker link in the chain," he said.
The quality and integrity of airport staff would thus be crucial to the protection of scanned images. In the US, airport officers evaluating images are banned from taking cameras, phones or photo-enabled devices into viewing room.
"It's usually the people, like an unhappy ex-employee, or someone just being lax with passwords ... that leads to a [hack attack]," Mr Watt said.
"Usually a place like an airport is pretty secure but there's always a loop-hole."
没有评论:
发表评论