After 10 planes are grounded in Warsaw, LOT says no airline is immune to cyber-attacks

It was back in April that the FBI issued a warning that airlines were currently vulnerable to cyber-attacks after a tweet from security expert, Chris Roberts, where he joked about being able to hack into any United Airlines plane’s Wi-Fi network. While Roberts has now been banned from all United Airlines flights, the FBI and the US Transportation Security Administration (TSA) are still evaluating the possibility that planes’ Wi-Fi systems are inherently vulnerable to attack. Meanwhile on Sunday in Warsaw, Poland, ten flights were grounded by what was subsequently described as hacking which disabled the system LOT, Poland’s principal airline, uses for issuing flights plans. The attack saw flights stranded for over five hours and 10,000 passengers stranded while LOT sought to overcome the problem and use external computers to create the required flight plans.
“This is an industry problem on a much wider scale, and for sure we have to give it more attention,” LOT’s Chief Executive Sebastian Mikosz told a news conference, continuing “I expect it can happen to anyone anytime.” The cyber-attack has definitely renewed speculation as to whether systems which keep planes airborne are safe, despite the fact this latest incident only affected those on the ground. “This is an industry problem on a much wider scale, and for sure we have to give it more attention,” Mikosz admitted, “I expect it can happen to anyone anytime,” he added. Stating that the incident was most likely the result of a Distributed Denial of Service (DDoS) attack – a situation which occurs when a hacker bombards a company’s system with so many communication requests that it overloads the server to the point where it can no longer able to function normally – a spokesman for LOT, Adrian Kubicki also confirmed that “This was a capacity attack which overloaded our network.”
It is known that the majority of DDoS attacks use a publicly accessible Internet site via which attackers will bombard their target, though it is known that the LOT system has no such public site. “I am quite surprised that such sensitive systems dedicated to airline operations are exposed to the Internet to be exposed to denial of service attacks,” said the Chief information Security Officer for Naples-based Bit4Id, Pierluigi Paganini. “Like many experts, I am waiting for more details to understand how this occurred,” he confirmed. However, when asked whether the system was exposed to the Internet, Kubicki made it clear that the hackers had acted illegally in interfering with the system, even though they had not gained direct access to any data within it.