Partner POV | The Hidden Third Party Risk in Airport Baggage Handling Systems
This article was written and contributed by Armis.
Executive Summary
The aviation industry is becoming more digitized, more connected, and more fragile. A recent incident involving a contractor's remote access to a baggage handling system (BHS) led to malware propagation, operational paralysis, and grounded flights. Not due to perimeter failure, but due to blind trust in a third party.
This blog examines how BHS vulnerabilities reflect a larger issue within modern airports: the increasing complexity and interconnectedness of cyber-physical systems (CPS). It outlines how third-party access can be the hidden weak point in critical infrastructure, and provides actionable recommendations for securing BHS and similar systems from operational disruption.
The Incident: A Laptop in the Wrong Hands. A BHS in Chaos.
A remote contractor logged into the BHS via VPN. Their endpoint had already been compromised. Minutes later, malware spread across the internal network. Conveyors shut down. Bags piled up. Flights were delayed or canceled.
This disruption did not originate from a hacker breaching the firewall. It came from inside the circle of trust.
Baggage Handling Systems: Critical Infrastructure in a CPS Environment
Modern airports operate as cyber-physical systems where digital infrastructure tightly controls physical processes. Few systems illustrate this more clearly than the BHS. These environments combine industrial automation with networked intelligence, integrating:
- Programmable Logic Controllers (PLCs)
- Human-Machine Interfaces (HMIs)
- Supervisory Control and Data Acquisition (SCADA) systems
- IoT devices such as tag printers, barcode scanners, and sensors
- Real-time databases and decision engines
- Remote access ports and vendor-maintained components
The BHS is often physically separate but digitally connected to other airport systems, including HVAC, passenger screening, terminal operations, and building automation. This interconnectedness increases efficiency, but also amplifies risk. A compromise in one area can propagate into others, especially when security boundaries are unclear or poorly enforced.
The Hidden Threat: Third-Party Access in a Fragile Ecosystem
While most airports have made progress in perimeter security, vulnerabilities now reside within the trust relationships that power day-to-day operations. Third parties maintain or support a large share of critical airport infrastructure, yet often have:
- Persistent, unsupervised VPN access
- Shared credentials among multiple contractors
- Limited audit logging of activity within sensitive systems
- Access to systems without contextual controls or network segmentation
This creates a dangerous dynamic. Airports do not always control who is on their network, when they connect, or what they do once inside. In such a complex and sensitive environment, that lack of visibility is an unacceptable risk.
Airports as Cyber-Physical Systems: Why It Matters
Airports are not just transportation hubs. They are digitally orchestrated ecosystems. Operations depend on a delicate balance between software, hardware, and physical infrastructure. Passenger check-in, airside logistics, lighting, climate control, access management, and safety systems all rely on digital control mechanisms that must work in harmony.
Key characteristics of airport CPS environments include:
- Highly integrated operational technology (OT), information technology (IT), and Internet of Things (IoT) systems spanning the entire digital footprint
- Real-time data exchange across critical systems
- Complex and often interconnected vendor and supplier ecosystems
- Physical and digital interdependencies with safety and regulatory implications
A vulnerability in the BHS is not a siloed issue. It is a threat vector that can ripple across the entire airport, affecting safety, compliance, and public confidence.
What Real Airport Protection Looks Like
Securing the BHS requires a strategic approach to risk management, extending well beyond endpoint protection and perimeter firewalls. It involves understanding the full scope of cyber-physical risk, particularly in environments where third-party access is routine.
Core Capabilities for BHS and CPS Cyber Exposure Protection
- Comprehensive Asset Visibility
Maintain an up-to-date inventory of every device, endpoint, and asset connected to the BHS, including vendor-managed and legacy components.
- Proactive Exposure Management
Continuously assess BHS environments for exploitable vulnerabilities and misconfigurations before adversaries find them.
- Behavioral Threat Detection
Use AI and machine learning to monitor for abnormal patterns in access, movement, and privilege escalation, particularly involving third-party activity.
- Network Segmentation and Isolation
Implement strict segmentation between BHS systems and other airport networks to prevent lateral movement and cascade failures.
- Secure Remote Access
Enforce least-privilege principles with role-based access, session recording, and time-limited credentials for external users.
- Vendor Risk Profiling
Assess and rank vendors by their access scope, past incidents, and current behavior. Use dynamic controls to restrict or revoke access as needed.
- Attack Path Modeling
Employ attack graph mapping to visualize how an adversary could traverse systems from vendor entry points to critical operations, and prioritize defenses accordingly.
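The attack path modeling and segmentation items above can be combined into one small model. The following is an added example, not code from Armis or from the incident described: it enumerates paths from a vendor entry point to BHS assets over a flat network and again after a zone-based segmentation policy is applied. All node names, zones, and flows are constructed assumptions.

```python
from collections import deque

# Constructed topology; node names, zones and flows are illustrative assumptions.
ZONES = {
    "vendor_laptop": "external", "vpn_gateway": "dmz", "jump_host": "dmz",
    "bhs_hmi": "bhs", "bhs_scada": "bhs", "bhs_plc": "bhs",
    "tag_printer": "bhs", "hvac_bms": "building", "terminal_ops_db": "it",
}
# Each pair is a permitted network flow (source, destination) in the flat network.
FLAT_FLOWS = {
    ("vendor_laptop", "vpn_gateway"), ("vpn_gateway", "jump_host"),
    ("vpn_gateway", "bhs_hmi"), ("vpn_gateway", "tag_printer"),
    ("vpn_gateway", "terminal_ops_db"), ("jump_host", "bhs_hmi"),
    ("bhs_hmi", "bhs_scada"), ("bhs_scada", "bhs_plc"),
    ("tag_printer", "bhs_scada"), ("bhs_scada", "hvac_bms"),
    ("terminal_ops_db", "bhs_scada"),
}
ALLOWED_CROSSINGS = {("external", "dmz"), ("dmz", "bhs")}  # zone pairs kept after hardening
BROKERS = {"jump_host"}  # only host allowed to initiate dmz -> bhs sessions

def segment(flows):
    """Drop every cross-zone flow that the segmentation policy does not allow."""
    kept = set()
    for src, dst in flows:
        zs, zd = ZONES[src], ZONES[dst]
        brokered = zs != "dmz" or src in BROKERS
        if zs == zd or ((zs, zd) in ALLOWED_CROSSINGS and brokered):
            kept.add((src, dst))
    return kept

def attack_paths(flows, entry, target):
    """Enumerate simple paths from entry to target, shortest first (BFS)."""
    adj = {}
    for src, dst in flows:
        adj.setdefault(src, []).append(dst)
    paths, queue = [], deque([[entry]])
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            paths.append(path)
            continue
        for nxt in sorted(adj.get(path[-1], [])):
            if nxt not in path:  # keep paths simple (no revisits)
                queue.append(path + [nxt])
    return paths

def chokepoints(paths):
    """Nodes every path crosses: where monitoring or session recording pays off most."""
    interiors = [set(p[1:-1]) for p in paths]
    return set.intersection(*interiors) if interiors else set()

if __name__ == "__main__":
    for label, flows in (("flat", FLAT_FLOWS), ("segmented", segment(FLAT_FLOWS))):
        for target in ("bhs_plc", "hvac_bms"):
            found = attack_paths(flows, "vendor_laptop", target)
            print(label, target, len(found), sorted(chokepoints(found)))
```

In this constructed model the flat network offers four routes from the vendor laptop to the PLC, while the segmented one leaves a single route through the jump host and none into building automation.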
Operational Resilience is Paramount
The costs of a BHS failure are not just technical. They are operational, financial, reputational, and regulatory. Every delay affects passenger experience, airline performance, and the airport's reputation for safety and reliability.
As CPS environments become the norm in aviation, the margin for security error becomes vanishingly small. A single unmonitored contractor connection can become a point of entry for ransomware, data exfiltration, or system disruption affecting thousands of travelers.
Security leaders must therefore shift from compliance-focused checklists to dynamic, intelligence-driven strategies that align with operational priorities.
Conclusion: Trust Is Not a Control
Airports cannot afford to treat third-party access as a peripheral issue. In complex, interdependent environments like BHS, trust must be earned continuously and verified constantly.
Without visibility, control, and clear boundaries, a single mistake or oversight by a vendor can bring critical airport operations to a halt.
Modern threats do not always knock on the front door. Increasingly, they are already inside, waiting for a moment of inattention. Airports that treat third-party risk as an operational challenge, not just a cybersecurity issue, will be best positioned to maintain resilience in the face of evolving threats.