All Airlines Have the Security Hole That Grounded Polish Planes

[InfoSec News <alerts () infosecnews org>]

http://www.wired.com/2015/06/airlines-security-hole-grounded-polish-planes/

By Kim Zetter
Security
Wired.com
6.22.15

MORE THAN 10 airplanes were grounded on Sunday after hackers apparently 
got into computer systems responsible for issuing flight plans to pilots 
of Poland’s state-owned LOT airline. The apparent weak link? The flight 
plan-delivery protocol used by every airline. In fact, though this may be 
the first confirmed hack of its kind, it’s very similar to a mysterious 
grounding of United Airlines planes that happened last month.

Yesterday, hackers breached the network at Warsaw’s Chopin airport, 
causing some flights to be cancelled and others to be delayed. 
Approximately 1,400 passengers on flights headed to Dusseldorf, Hamburg, 
Copenhagen, and cities in Poland were affected by the grounding. The 
problem was reportedly fixed after about five hours.

“We’re using state-of-the-art computer systems, so this could potentially 
be a threat to others in the industry,” LOT spokesman Adrian Kubicki told 
the BBC.

It’s possible that potentiality is already a reality. Last month, all 
United flights in the US were grounded for nearly an hour after the 
airline apparently experienced problems with flight plans dispatched to 
its pilots.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/