GAO: FAA lacks controls on network security as well as on passwords, user accounts and user privileges. FAA permitted “excessive access” to air traffic control systems by granting permissions that allowed more access than users needed to do their jobs. FAA says findings don’t reflect overall security of FAA systems such as air traffic controls. GAO conducted the security review between March 2004 and June 2005, at the request of two congressmen. FAA spokesman: “We have a very secure system,” he said.”]
Source: https://www.csoonline.com/article/2119117/gao-report-knocks-faa-info-security-efforts.html