Authorities investigating the 2008 crash of Spanair flight 5022 have discovered a central computer system used to monitor technical problems in the aircraft was infected with malware.
An internal report issued by the airline revealed the infected computer failed to detect three technical problems with the aircraft, which if detected, may have prevented the plane from taking off, according to reports in the Spanish newspaper, El Pais. Flight 5022 crashed just after takeoff from Madrid-Barajas International Airport two years ago today, killing 154 and leaving only 18 survivors.The U.S. National Transportation Safety Board reported in a preliminary investigation that the plane had taken off with its flaps and slats retracted — and that no audible alarm had been heard to warn of this because the systems delivering power to the take-off warning system failed. Two earlier events had not been reported by the automated system.
The malware on the Spanair computer has been identified as a type of Trojan horse. It could have entered the airline’s system in a number of ways, according to Jamz Yaneeza, head threat researcher at Trend Micro. Some of the most likely ways are through third party devices such as USB sticks, Yaneeza said, which were responsible for the International Space Station virus infection in 2008, or through a remote VPN connection that may not have the same protection as a computer within the enterprise network. Opening just one malicious file on a single computer is all it takes to infect an entire system.
An incident like this could happen again, and most likely will, according to Saydjari.
Sounds sketchy to me. Trains good, planes bad? Any pilots here like to refute this?
this is silly.
I have seen better protection and protocols on the OLD main frames, then I have on recent HOME COMPUTERS, used for government use..
NOW you have a proprietary USE for a piece of hardware, and then SOMEONE can access it and infect it??
I either say, this is a BS scare tactic or
SOME ONE FU the system on purpose.
I can see it now..ALL the digital displays USED by the pilots, showing PAC MAN to keep them entertained. Using the Steering to control pac man..
The hardware could only be access at certain times for updates and refresh. Otherwise there is NO reason to touch the system. Wireless access?? THAT would be forbidden..its hackable. Internal ports? USB/SERIAL/PAR/CD/DVD would all have to be Password protected from the main console. NO ACCESS.
As part of pre-flight, did they not verify flaps and slat movement?!?!? Every pilot I know (I live next to a flight school) verifies all flight controls prior to take-off visually, not relying on the instruments to tell them they moved.
Let me get that straight: they’re using WINDOWS to monitor and protect aircraft?
Yes, it is plausible that malware or a cyber-weapon attack on an aircraft can cause control surfaces to malfunction and for cockpit alarms to disengage. There is surprisingly little to stop it from happening, crews carry removable media onboard to load flight data and engineering management files. A remote exploit is tougher.
Sarg, but are they able to use Home computers, INSTED of the onsite computers to input there data?
Basic security, VERY basic.
#5. ECA. Good question, thumb drives are ubiquitous and are used promiscuously.
Assuming they actually use thumb drives (or ROMs with a thumb drive connector) on an aircraft for a legitimate reason, isn’t there some validation protocol on the aircraft electronics that can validate the thumb drive?
Another thought: their security software comes from Trend Micro? I had their software on my new PC for 6 months, and decided Trend Micro software was worse than no protection at all.
Wow, that almost looks like a Windows logo on the tail of the plane.
Maybe that’s not a bad idea for the passengers… have a logo on the plane identifying the OS used to manage critical systems.
Not a bad idea to have it listed along with the type of plane during ticketing.
How many folks would feel safe knowing that info in advance? How many folks would choose a different plane or airline if they had that knowledge?
Cheers!
—RASTER
@ #9
Would feel much safer with a plane with Windows than a plane with any Apple software since Apple has the most security risk than any software on the market.
#9 RASTERMAN – The favicon, the icon that appears in the address bar of a web browser (dvorak.org has John C. Dvorak’s face), for Bank of America’s website shows a Sun Microsystems logo. I told Bank of America this in 2004 for the same reasons that you mention. Someone from the outside might try to customize an attack against Bank of America by knowing the specific hardware or software Bank of America runs.
A somewhat similar problem has been noted because of air pressure sensors in tires. They left a security hole.
The problem is we have so much computing power and ram is so cheap they can waste it. In the old days they’d have had some machine code running off a rom chip and the only way to stick malware in it would have been when they burned it.
Now they use bootable systems that run an OS and can be infected. Progress? I don’t think so. More like laziness.
I guess Adam Curry will file this under “Trains good, Planes bad!”. The meme continues…
Should be titled, “Where there’s smoke there’s bullshit.”
These pilots fucked up; plain and simple.
Just another diversion that will probably work since most people refuse to pull their heads out of their asses.
The firmware for a/c flight controls and engine management is signed just like an xbox or iphone, the big difference being, not every retard and his brother has access to these boxes and/or the firmware.
Is this supposed to be a hack that is done on purpose or some kind of unintended conflict in a hack meant to do something else?
anyhoo, airplanes can differ but you should still have a flap/slat position indicator and the position switch itself both separate from the warning systems.
Preflight would only show the flaps and slats are “there” without any clamps and what not. In the cockpit you “should be” able to tell if the flaps actually go down when activated by the sound and feel of the aircraft.
But, the plane crashed evidently with the flaps up which pilots “would never do” all on their own.
fly the friendly blue screen skies ….
Listened to no agenda and the guys said the malware was on a server? which caused it to fail to flag reported errors.
I still say the working dedicated machines ought to be rigged where they don’t/can’t talk to crap that can mess them up. They have a limited set of possible responses and no more. You can get the defined data out and put the defined data in but other than that everything is cuneiform to the system and it doesn’t a clue what cuneiform is.
“Airline said to be mulling surcharge for flights on anti-virus equipped planes.”
Windows strikes again. When will the world learn.
I doubt this was a “Windows” issue. Most of these companies are using proprietary OS since they need to be simple, secure, and robust. “Windows” has too much other irrelevant crap to be used to manipulate especially avionics, or any single use purpose.
I would suggest this was something mechanical. If it had happened previously it might be either the sensor or sending unit. BUT, remember kiddies, that is just gut reaction and not special knowledge.
If this was a trojan or other malware then it was a specifically written piece of software designed to attack the proprietary operating system that was installed by someone actually on the plane that intended to do harm to the aircraft. And that someone was in maintenance or at least passed for it.
Aviation flu?
@20, Most of these companies are using Windows OS because it’s what everybody knows how to use. Replace it with anything else and watch 90% of the employees frown and scratch their heads and bitch to everyone around the water cooler about how the new OS is complicated, and “obsolete” and “inadequate” because it doesn’t have a very pretty GUI.
This aircraft is a older model aircraft that was manufactured in 1993, as an aircraft mechanic, i can tell you that the systems on this aircraft would not be susceptible to an onboard virus.
There was a mechanical problem in the warning system for the flaps and slats position out range position warning system.
The onboard reporting system tells the company of any faults that happened during the previous flight. the failure of the warning system was reported to the infected servers. those servers did not flag maintenance control of a possible problem with the airframe.
The pilots made a mistake and did not verify visually the position indicators in the cockpit. pilot error not a trojan, brought this aircraft down.
If true, the malware authors should be charged with the highest degree of manslaughter possible. (I know, not likely).
I just finished reading “Cyberwar” by Richard Clarke. Highly recommended.
He makes an excellent case for Linux in government, banks and anywhere that security is essential. He says the government and banks have done studies which clearly prove that Linux is more secure but Microsoft’s lobbying efforts keep Windows in the government.
In other words, Microstofts profits are more important than our national security.
He also makes a case that the cost-saving “off the shelf solution” policy are penny-wise but pound foolish. Custom OSs/systems are far harder to hack than off the shelf ones.
Safer yet, would be custom systems created by vetted government employees rather than contractors who hire the cheapest labor. Of course, the conservatives hate the thought of private industry not getting filthy rich off the taxpayers, so they support the current less-secure, more expensive policy of privatization.
>> unclemik9 said, on August 23rd, 2010 at 9:06 am
>> This aircraft is a older model aircraft that was manufactured in 1993, as an aircraft mechanic, i can tell you that the systems on this aircraft would not be susceptible to an onboard virus.
Are you saying that planes make in ’93 never get a computer upgrade? They’re just running old XTs or something? That’s shocking if true.
(I have no idea, BTW, — I’ll take your word on it. How did the pilots use their thumb drives since ’93 computers didn’t have USB ports?)
#24, thanks..
#26, good point.
And this leads back to an old tech rant I have done before(I wont this time).
WINDOWS could protect itself if they used the OLD standardized Protection procedures.
LOCK UP WINDOWS..NOTHING writes to the WINDOWS DIR..PERIOD.
they could even use a Checksum AV program, that looks for ANY CHANGES in programming..ANY changes get flagged or removed.
I listened to the NA podcast…
This is on the SERVER, NOT the plane.
The CHECK system that evaluates Problems is GROUND BASED.
IT’ didnt find faults recorded BY THE PLANE, given to the Evaluating ground computer.
Umm,
my comments STAY the same..WHY the hell isnt it a secure system?
Viruses and trojans are usually pretty specific to operating systems. There are any (that I know of) that can infect multiple platforms, across different OSes. And who would write such things, to infect systems that represent only a tiny fraction of computers worldwide? The only thing I think of is that they’re using Windows (2000, XP, Vista) for all their aerospace needs. Including the plane’s monitoring computer. What’s wrong with tailoring a very of Linux for it? Or a proprietary OS? It costs too much? For a huge aerospace company?!!
It’s not the trojan writers fault. It’s the plane maker’s fault for such penny-pinching, and lax security. They might as well being using substandard, knock-off, engine parts, as well. And blaming the parts makers for crashes.
They obviously didn’t test these monitoring computers very thoroughly.
And “you” wonder why people are losing their faith in planes? Too much of this quick profit taking, over safety. I’ll bet the aerospace execs never fly on their own aircraft.
It isn’t simply a case of “Trains good, planes bad”. It’s trains simpler and harder to screw up. And planes too damn complicated to take penny-pinching shortcuts, when it come to safety. But guess what? They do anyway! And government safety regulators don’t do enough to prevent these clowns from compromising safety and security, in the name of preserving profits.
So don’t be such an aerospace fanboy, just because you probably own their stock. And don’t act so mortally threatened, because of a little potential competition in the transportation field. Planes will still be around, even with a few faster train lines. Sheesh! What a cry baby. My precious planes will stop flying, if we build one more rapid railway. Boo hoo. My Boeing stock will plummet. Whoa is me. Oh grow up, Curry.
Yes the avionics and other systems can be upgraded and these upgrades are very expensive since for the most part these are proprietary systems, running from a rom. they are designed to last the life of the airframe 20 – 30 years. you need to think of these systems more like the computer in your car rather than a laptop. they are single purpose systems.
In fact this model airframe is being phased out of use by the major air lines because their engine do not meet current noise guidelines and guzzle fuel and replacing the engines costs more than the airframe is worth.
If you are interested in the best example of modernizing airframes. look at the B-52 the next time you are at an air show. you will find parts manufactured in the fifties along side the most current avionics systems, but the costs are astronomical but worth it for an airframe you are looking to operate for the next 40 years.