Chief executive of Polish national carrier LOT has warned no airline is safe from the type of cyber attack that grounded his aircraft and hundreds of passengers at Poland’s busiest airport over the weekend.
Poland’s domestic intelligence agency said it had been called in to investigate, but there was no word on who might be responsible for the attack that disabled the system LOT uses for issuing flight plans.
The attack is likely to bring renewed scrutiny to the question of whether systems which help keep airliners safe in the air are adequately protected from hackers intent on causing havoc or even on bringing down a plane.
“This is an industry problem on a much wider scale, and for sure we have to give it more attention,” LOT chief executive Sebastian Mikosz told a news conference.
“I expect it can happen to anyone anytime.”
The airline said there was never any danger to passengers from the attack since it did not affect systems used by aircraft while in the air.
Around 1400 passengers were stranded at Warsaw’s Chopin airport when the flight plan system went down for around five hours on Sunday. Flights were taking off and landing as scheduled on Monday, the airline said.
Denial of service attack overloads network
A LOT spokesman said the problem was most likely caused by a Distributed Denial of Service (DDoS) attack.
“This was a capacity attack, which overloaded our network,” said the spokesman, Adrian Kubicki.
Ruben Santamarta, a researcher on airline’s cyber-security, said there are not enough details on the LOT attack to properly assess what happened. But he said it highlighted the vulnerability of passenger jets when they are on the tarmac preparing to fly.
“There are multiple systems at ground level that provide critical services for airlines and aircraft, in terms of operations, maintenance, safety and logistics,” said Santamarta, who is principal security consultant for Seattle-based security research firm IOActive.
Santamarta last year said he had figured out how to hack into the satellite communications equipment on passenger jets through their wi-fi and inflight entertainment systems.
Most denial of service attacks use a publicly accessible internet site as the channel through which to bombard their target. The LOT system has no public site.
“I am quite surprised that such sensitive systems dedicated to airline operations are exposed to the internet to be exposed to denial of service attacks,” said Pierluigi Paganini, the chief information security officer of Naples-based Bit4Id.
“Like many experts, I am waiting for more details to understand how this occurred,” he said.
Asked about whether the system was exposed to the internet, Kubicki, the airline spokesman, said the hackers had acted illegally to interfere with the operation of the system, but he said they had not gained direct access to any of the data contained within it.
“The key thing for an airline is the ability to apply certain emergency procedures in such situations and I think that we passed this test,” said Kubicki.