One of the most important skills a pilot needs to have is the ability to adapt when the flight cannot be completed as planned. This became a real-world lesson for thousands of pilots this week when a cyber incident affecting Jeppesen potentially impacted a pilot’s ability to download up-to-date GPS navigation, flight planning, and instrument approach data.
On November 2, Jeppesen, a Boeing (NYSE: BA) subsidiary, reported on its website that there had been a “cyber incident” that affected some Jeppesen products and services. For pilots, that translated to issues potentially affecting navigation charts and information that most pilots draw from ForeFlight on their electronic flight bags (EFBs). In short, the information became suspect, as pilots were notified it could be out of date.
“It’s always good to have options,” noted Jason Blair, designated pilot examiner and FLYING Magazine contributor who pens Chart Wise, a study of instrument approaches and procedures.
“We have become too dependent on our EFBs. It’s a great check ride scenario—what would you do if you suspected your EFB was compromised and you needed to get weather? How about making a call to Flight Service? Or when it comes to approaches, have another app loaded on your phone or tablet as backup,” he said.
In the days that followed the cyber incident, it was determined that Jeppesen was not the target of the attack, but rather the delivery method that is used to share informational Jeppesen products with customers was briefly affected; it has since been restored.
In a nutshell, this means that en route navigation and terminal approaches available from ForeFlight are back, which is a relief to pilots utilizing instrument flight plans. According to FAA Advisory Circular 90-100A, pilots need to have the most up- to- date information for these operations.
“Pilots should always have a backup,” Blair said. “I have iflightPlanner on my phone and tablet and there are other pilots who use Garmin products.”
In the meantime, Boeing and Jeppesen are still trying to determine the scope of the cyberattack. On November 2, Jeppesen posted information atop its website with a red banner indicating that the cyber incident had affected certain products and services.
“We immediately initiated an incident response process and are working to reactivate individual products to our hosted production environment,” the statement read, adding “The most recent Jeppesen chart downloads available in Jeppesen Mobile FliteDeck and ForeFlight Mobile are currently effective and in compliance with applicable regulatory requirements. Any ‘Expired’” messages shown for Jeppesen terminal charts prior to December 1st do not indicate that the charts are expired from a regulatory perspective.”
This situation is evolving and FLYING will continue to provide updates as they are made available.