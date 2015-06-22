* Some 1,400 passengers stranded on Sunday due to hack
* Experts say highlights vulnerability of ground systems
* Airline says passed test with emergency procedures
By Wiktor Szary and Eric Auchard
WARSAW/FRANKFURT, June 22 No airline is safe
from the type of cyber attack that grounded aircraft and
hundreds of passengers at Poland's busiest airport at the
weekend, the chief executive of Polish national carrier LOT
said on Monday.
Poland's domestic intelligence agency said it had been
called in to investigate, but there was no word on who might be
responsible for the attack, which disabled the system LOT uses
for issuing flights plans.
The attack is likely to bring renewed scrutiny to the
question of whether the systems which help keep airliners safely
in the air are adequately protected from hackers intent on
causing havoc or even on bringing down a plane.
"This is an industry problem on a much wider scale, and for
sure we have to give it more attention," LOT chief executive
Sebastian Mikosz told a news conference.
"I expect it can happen to anyone anytime."
The airline said there was never any danger to passengers
from the attack since it did not affect systems used by aircraft
while in the air.
Around 1,400 passengers were stranded at Warsaw's Chopin
airport when the flight plan system went down for around five
hours on Sunday. Flights were taking off and
landing as scheduled on Monday, the airline said.
NETWORK OVERLOAD
A LOT spokesman said other airlines use comparable software
systems.
He said the problem was most likely caused by what is known
as a Distributed Denial of Service (DDoS) attack -- when a
hacker deluges an organisation's system with so many
communication requests that it overloads the server, and it can
no longer carry out its normal functions.
"This was a capacity attack, which overloaded our network,"
said the spokesman, Adrian Kubicki.
Ruben Santamarta, a researcher on airline's cyber-security,
said there were not enough details on the LOT attack to properly
assess what happened. But he said it highlighted the
vulnerability of passenger jets when they are on the tarmac
preparing to fly.
"There are multiple systems at ground level that provide
critical services for airlines and aircraft, in terms of
operations, maintenance, safety and logistics," said Santamarta,
who is principal security consultant for Seattle-based security
research firm IOActive.
Santamarta last year said he had figured out how to hack
into the satellite communications equipment on passenger jets
through their WiFi and inflight entertainment systems.
Most denial of service attacks use a publicly accessible
Internet site as the channel through which to bombard their
target. The Lot system has no public site.
"I am quite surprised that such sensitive systems dedicated
to airline operations are exposed to the Internet to be exposed
to denial of service attacks," said Pierluigi Paganini, the
chief information security officer of Naples-based Bit4Id.
"Like many experts, I am waiting for more details to
understand how this occurred," he said.
Asked about whether the system was exposed to the Internet,
Kubicki, the airline spokesman, said the hackers had acted
illegally to interfere with the operation of the system, but he
said they had not gained direct access to any of the data
contained within it.
"The key thing for an airline is the ability to apply
certain emergency procedures in such situations and I think that
we passed this test," said Kubicki.
