Perth Airport

Perth Airport operates as a major aviation hub in Australia, managing the complex logistics of passenger and cargo movement, aircraft operations, and the security of its extensive physical infrastructure. Its core responsibilities include maintaining secure airside and landside environments, safeguarding sensitive operational data such as building schematics and physical security details, and facilitating the safe transit of travelers. The airport's function inherently places it within critical national infrastructure, requiring robust security protocols to protect against threats that could disrupt transportation services. Its operations are governed by stringent national aviation security regulations, mandating continuous assessment and enhancement of protective measures for its facilities and information systems. The airport's role extends beyond simple transit, acting as a vital economic gateway for Western Australia and a node in the national and international travel network.

A significant cybersecurity incident in March 2017 exposed specific vulnerabilities within the airport's third-party access management. A skilled hacker based in Vietnam exploited the credentials of an external contractor to breach the airport's systems, successfully exfiltrating sensitive security documentation. The stolen data pertained specifically to physical security and building layouts, with the investigation confirming that critical aircraft operational systems and passenger personal information remained uncompromised, eliminating any direct risk to public safety. The breach was internally detected by the airport, triggering a coordinated response that involved Australian cybersecurity agencies and international collaboration with Vietnamese law enforcement. This joint effort directly led to the identification, arrest, and subsequent conviction of the perpetrator, who was also linked to separate attacks on Vietnamese banks and telecommunications. The attacker acted independently, with no evidence indicating the sale or further dissemination of the stolen airport data. The incident served as a catalyst for the airport to conduct a comprehensive review and subsequent strengthening of its contractor security protocols, specifically addressing the risks associated with third-party digital access to sensitive systems. This event underscored the persistent threat posed by supply chain attacks to critical infrastructure and demonstrated the airport's capacity for incident response and cross-jurisdictional cooperation in mitigating such threats. The lessons learned from this breach have been integrated into its ongoing security framework, reinforcing the importance of stringent access controls and continuous monitoring for all external parties with system privileges.