colinneagle (2544914) writes "The Metropolitan Washington Airport Authority (MWAA) earlier this year published a document to its website containing sensitive security information that terrorists could potentially have used to launch cyber and physical attacks against Reagan National and Dulles International airports in Washington, D.C.
The document is a Statement of Work (SOW) published as part of a process to solicit contractors for electronic security maintenance, repair, modification, and installation services at the airports. Since being contacted for this article, the MWAA has removed information from the document that it deemed sensitive.
Shortly after reviewing the document, a senior military cybersecurity specialist and former Red Team leader reported it to the TSA. Despite his concerns and rank, the TSA responded two weeks later and claimed the document did not pose a threat.
Responding to later requests for comment from Network World, a TSA spokesman placed responsibility on the MWAA, adding that "airports are responsible for airport security."
However, given that the TSA denied three opportunities to alert the MWAA and instead asked civilians to report the vulnerabilities, the military specialist believes the American public would hold the TSA responsible."
Link to Original Source