On Sunday unknown cyber attackers breached the flight planning computers of Polish carrier LOT at Warsaw’s Chopin International Airport, prompting LOT to cancel 10 flights. At this time, it seems as though the attack targeted the ground-based computers of LOT, including dispatch computers, rendering them temporarily unusable. LOT reports that its computers are once again functional.
The cyber attack is the first we know of against an airline’s flight planning computers, though last month a cyber security researcher flying on a United Airlines flight from Denver to Syracuse tweeted that he thought he controlled the aircraft’s EICAS (the crew alerting system) through remote computer access while in flight. Chris Roberts, founder of One World Labs, a computer security firm, was questioned by the FBI afterward but no charges were filed.
Reportedly, Roberts also suggested that he could shut off fuel flow to the engines or deploy the passenger oxygen masks. While Roberts contends his tweet was a joke, few are laughing. Both Boeing and Airbus dismissed Roberts’ claims, saying taking control of aircraft systems from the cabin was not possible. Modern airline and bizjet software architecture typically separates cabin and cockpit computer systems, though this is not universally true.
While the LOT incident is not terribly surprising given the rise in global cyber terrorism, it does bring attention to the vulnerability of our airborne computer systems, hopefully leading to more secure platforms both on the ground and in the air. At the very least, it seems possible that hackers, had they been more sophisticated, could have filed erroneous flight plans or sent false fuel-required data.
By Monday morning LOT reported that its systems were up and running normally again and that all flights were taking off without delay.
Get exclusive online content like this delivered straight to your inbox by signing up for our free enewsletter.