LOT hack highlights cyber threat

Concerns over the vulnerability of aircraft to cyber attack have been heightened following the grounding of 10 aircraft operated by Polish flag carrier LOT last week (June 21). The airline was forced to cancel flights from Warsaw Chopin Airport over a five-hour period after hackers disabled the system it uses to generate flight plans. A spokesperson for the carrier confirmed that the system had been overloaded by requests from the hackers in a so-called “denial of service” attack, a technique commonly used to disable websites. LOT was quick to reassure the media that no danger was posed to passengers as the system was not used in flight, but the attack highlights the risks that increased internet connectivity potentially poses to operators. At a press conference following the attack, the airline’s CEO Sebastian Mikosz warned: “This is an industry problem on a much wider scale, and for sure we have to give it more attention… I expect it can happen to anyone anytime.”

The cyber attack comes as the FAA is asking for feedback on a draft advisory circular setting out requirements for operators of “e-enabled” aircraft on the creation of aircraft network security programmes (ANSP). The FAA described the AC as “essential” because technologies in modern aircraft “may be vulnerable to threats common to IT platforms”.

“New aircraft designs use transmission control protocol (TCP) and internet protocol (IP) technology in a manner that virtually makes the aircraft an airborne interconnected network domain server,” it states.

“As with other TCP/IP applications, a real threat exists that may be intentional or unintentional with a detrimental effect on system performance. These effects may range from reduced performance, denial of service, or criminal activity.”

The AC concludes that: “The transmission of critical data necessitates the need for an ANSP.”

An ANSP covers network security onboard the aircraft, the off-airport supporting infrastructure (corporate offices) and “everything in between”.

The AC draws on requirements that were mandated as “operational specifications” on new generation aircraft, such as the 787 and A350, and highlights that the term “e-enabled” aircraft covers not only new aircraft but also those that have had TCP/IP connectivity retrofitted.

Operators must, according to the AC, develop and maintain an ANSP that:

- ensures security protection is sufficient to prevent access by unauthorised sources external to the aircraft;
- ensures security threats specific to the certificate holder’s operations are identified and assessed, and that risk mitigation strategies are implemented to ensure the continued airworthiness of the aircraft;
- prevents inadvertent or malicious changes to the aircraft network, including those possibly caused by maintenance activity; and
- prevents unauthorised access from sources onboard the aircraft.

The AC, which is out for comment until 6 July, follows on from warnings from the US Government Accountability Office in March, which reported that aircraft could be vulnerable to having their computers hacked and remotely taken over by passengers using in-flight wi-fi.

The hack attack on LOT is sure to refocus the attention of both airlines and OEMs on this increasingly worrying element of our modern interconnected society.
