Expert comment on the recent cyber attack against LOT, Polish Airline

A cyber attack against the IT network of LOT, the national airline of Poland, left at least 10 flights with over 1,400 passengers grounded over the weekend.

Cris Thomas, Strategist of Tenable Network Security, commented on the subject:

“Airline flight control computers, like the ones attacked at the Polish airline LOT aren’t anything special. There is nothing different about a computer that issues a flight plan than the one most people use at work every day, other than perhaps the flight plan software itself. As such the computer is susceptible to the same attacks, malware and other issues that plaque every other computer and ideally should have the same security systems in place as well.

Usually the people that attack computer systems want them to keep running, it does not help the bad guys if the computer systems they attack suddenly stop working. So it is a little surprising that the LOT systems were unusable for five hours while the systems were being fixed. It is possible that LOT took the machines offline on purpose to help them institute the fixes. Unfortunately there is a lack of technical information available about what exactly happened.

The quoted statement by Adrian Kubicki, LOT spokesman, that this was the first hack of its kind is incorrect. There have been several similar attacks targeting airports, airlines and related systems over the years. These date back to at least 1997 at Worcester Airport in Massachusetts where a teenager disabled the phone system, radio communications, runway lights and other systems at the airport for six hours.”