Skip to content

US Flights Resume After Reported Laptop Glitch Resolved

Important Infrastructure Safety

Individually, UK’s Royal Mail Blames ‘Cyber ​​Incident’ for Service Disruption

Mathew J. Schwartz (euroinfosec) •
January 11, 2023

Image: Mark Bess via Flickr/CC

Anytime critical infrastructure gets disrupted, the first question inevitably seems to be: Was a cyberattack to blame?

SeeAlso: Live Webinar | 6 Steps to get a Handle on Patching OT

So it went Wednesday when the US Federal Aviation Administration announced a “ground stop,” prohibiting flights from taking off, due to an overnight system failure.

“The FAA has ordered airlines to pause all domestic departures until 9 am Eastern Time to allow the agency to validate the integrity of flight and safety information,” the FAA, part of the Department of Transportation, reported early Wednesday.

The problem was an outage involving the FAA’s system for sharing real-time information on flight hazards and restrictions with all commercial airline pilots, called NOTAM, for “Notice to Air Missions.” The ground stop caused chaos at US airports, as passengers were left stranded or delayed. While plans in the air could still land, the disruptions led to 6,000 flights being delayed and 1,000 cancelled, according to tracking firm FlightAware.

The White House moved quickly to downplay suggestions that online attacks might have triggered the outage.

“The president has been briefed by the secretary of transportation this morning on the FAA system outage,” press secretary Karine Jean-Pierre reported through Twitter.

“There isn’t any proof of a cyberattack at this level, however the president directed DOT to conduct a full investigation into the causes. The FAA will present common updates,” she added.

Simply shy of 9 am Japanese Time, the FAA ended the bottom cease.

“FAA has decided that the security system affected by the in a single day outage is totally restored, and the nationwide floor cease will likely be lifted efficient instantly,” Secretary of Transportation Pete Buttigieg reported through Twitter at 8:55am Japanese Time.

“I’ve directed an after-action course of to find out root causes and advocate subsequent steps,” he added.

What that after-action report identifies because the perpetrator behind the NOTAM outage stays to be seen.

Royal Mail Disruption

Additionally on Wednesday, Britain’s nationwide postal service, Royal Mail, suggested prospects that it was “experiencing extreme service disruption to our worldwide export companies following a cyber incident,” and advisable they delay trying to ship any objects overseas.

“We’re experiencing disruption to our worldwide export companies and are briefly unable to dispatch objects to abroad locations,” Royal Mail mentioned. “Objects which have already been dispatched could also be topic to delays. We wish to sincerely apologize to impacted prospects for any disruption this incident is inflicting. Our import operations proceed to carry out a full service, with some minor delays.”

It added: “Our groups are working across the clock to resolve this disruption and we’ll replace you as quickly as we have now extra info.”

Cyberattack Query Déjà Vu

Any uncommon outage or delay today – not simply FAA programs however IT outages at British airports, energy grid disruptions in South America, a US Navy destroyer colliding with a service provider tanker – appear to instantly set off the “was it a cyberattack?” query.

As these incidents spotlight, on-line assaults are not often guilty.

Till 2019, the tongue-in-cheek Cyber ​​Squirrel 1 web site tracked over 30 years of information pertaining to 2,524 international energy outages. Solely three could possibly be ascribed to people, within the type of nation-state assaults: the Ukrainian energy outages in 2015 and 2016, and Stuxnet, which was found in 2010 and is extensively believed to have been the results of a mission run by the US and Israel.

For the opposite outages, the main perpetrator was clear: squirrels, adopted distantly by birds, snakes and raccoons.

For IT outages, in the meantime, the digital model of a squirrel is already well-known. “It was DNS. It is all the time DNS,” tweeted cybersecurity knowledgeable jake williamsa former member of the Nationwide Safety Company’s offensive hacking crew, in regards to the FAA system outage.


Leave a Reply

Your email address will not be published. Required fields are marked *