Airline hit by cyber attack, exposes risk to other carriers

The attack was a DDoS, which affected around 1,400 passengers at the airport

Update: 2015-06-23 10:48 GMT

Roughly 1,400 passengers were stranded at Poland’s busiest airport on Monday, when LOT Polish Airlines’ systems were hacked by cyber criminals. LOT confirmed the hack and is investigating it.

The hacker carried out the cyberattack using the DDoS method and managed to overload the system at LOT that manages the flight plans. The impact was immense, grounding 1,400 passengers at Warsaw’s Chopin airport for almost 5 hours.

The report mentions that Poland’s domestic intelligence agency had been called in to investigate the attack, but there are no leads on the hacker or agency responsible.

The hack has opened a can of worms, highlighting that a simple DDoS attack could threaten air safety. This could mean renewed scrutiny of the systems that keep airlines safely in the air, and of whether those systems are adequately protected to prevent havoc or even the bringing down of a plane. If an attacker can get through one airline’s secure flight plan systems, how difficult can it be to gain access to other airlines around the world?

The attack occurred at around 4 pm (15 GMT), and targeted the airline’s ground operations system, the carrier said in a statement. The incident, which led to the cancellation of 10 flights departing from Warsaw, was resolved by 9 pm. “This is the first attack of its kind,” LOT spokesman Adrian Kubicki told TVN 24 television. The airline said in a statement on its website that the “IT attack” meant it was unable to create flight plans and flights were not able to depart from Warsaw.

“This is an industry problem on a much wider scale, and for sure we have to give it more attention,” LOT chief executive Sebastian Mikosz told a news conference. “I expect it can happen to anyone anytime.”

The airline spokesperson stated that the passengers were not endangered by the attack since it did not target the systems used by airplanes when they are in the air. Though the systems were down for almost 5 hours, flights were taking off and landing as scheduled. The attack highlighted the vulnerability of passenger jets when the airplane is on the tarmac preparing to fly.

A LOT spokesman said the problem was most likely caused by what is known as a “distributed denial of service” attack — when a hacker deluges an organization’s system with so many communication requests that it overloads the server, and it can no longer carry out its normal functions.

Usually, DDoS attacks are carried out from public terminals, such as cybercafés, and from overseas using VPNs, but the question arises of how a sensitive flight plan system came to be open to the Internet. However, LOT confirms that they do not have a public website. Investigations are still in progress, and many experts are waiting to learn how the hacker carried out the hijack. Though the attack overloaded the systems and put them offline for a few hours, LOT confirmed that no data was breached. LOT also confirmed that they had the ability to apply certain emergency procedures in such situations.

In December last year, the International Civil Aviation Organization said cybercrime was a serious threat to safety in the skies, vowing to set up a “security culture” protecting travellers against any catastrophic incident.

A US report in April warned that hackers could exploit in-flight entertainment systems to fatally sabotage cockpit electronics.

The report by an investigative arm of the US Congress came just weeks after a co-pilot crashed his Germanwings A320 into the French Alps, killing all 150 on board, and prompting talk of airliners one day being 100 per cent automated.

In May a security researcher claimed he had hacked the controls of a United Airlines jetliner from its entertainment system. The FBI is investigating the claim by Chris Roberts of One World Labs that he briefly took control of a United aircraft from his passenger seat by hacking into the in-flight entertainment network. United cast doubt on the claims, with its CEO telling a United States Senate hearing that there were “clear firewalls” between the systems, but admitting that the matter was “of great concern to us” and that the airline was cooperating with the FBI investigation.
