Polish airline, hit by cyber attack, says all carriers are at risk

rp_SP-LDE-Embraer-170-LOT-Polish-Airlines-420x276.jpg

 

* Some 1,400 passengers stranded on Sunday due to hack

* Experts say highlights vulnerability of ground systems

* Airline says passed test with emergency procedures (Recasts, adds details on attack, analysts)

(Reuters) – No airline is safe from the type of cyber attack that grounded aircraft and hundreds of passengers at Poland’s busiest airport at the weekend, the chief executive of Polish national carrier LOT said on Monday.

Poland’s domestic intelligence agency said it had been called in to investigate, but there was no word on who might be responsible for the attack, which disabled the system LOT uses for issuing flights plans.

The attack is likely to bring renewed scrutiny to the question of whether the systems which help keep airliners safely in the air are adequately protected from hackers intent on causing havoc or even on bringing down a plane.

“This is an industry problem on a much wider scale, and for sure we have to give it more attention,” LOT chief executive Sebastian Mikosz told a news conference.

“I expect it can happen to anyone anytime.”

The airline said there was never any danger to passengers from the attack since it did not affect systems used by aircraft while in the air.

Around 1,400 passengers were stranded at Warsaw’s Chopin airport when the flight plan system went down for around five hours on Sunday. Flights were taking off and landing as scheduled on Monday, the airline said.

NETWORK OVERLOAD

A LOT spokesman said other airlines use comparable software systems.

He said the problem was most likely caused by what is known as a Distributed Denial of Service (DDoS) attack — when a hacker deluges an organisation’s system with so many communication requests that it overloads the server, and it can no longer carry out its normal functions.

“This was a capacity attack, which overloaded our network,” said the spokesman, Adrian Kubicki.

Ruben Santamarta, a researcher on airline’s cyber-security, said there were not enough details on the LOT attack to properly assess what happened. But he said it highlighted the vulnerability of passenger jets when they are on the tarmac preparing to fly.

“There are multiple systems at ground level that provide critical services for airlines and aircraft, in terms of operations, maintenance, safety and logistics,” said Santamarta, who is principal security consultant for Seattle-based security research firm IOActive.

SOURCE REUTERS, Read more..