Malware implicated in fatal crash

[LaMidRighter]

Story is here: Malware implicated in fatal Spanair plane crash - Technology & science - Security - msnbc.com Spanair flight 5022 was lost in 2008 killing 154 passengers and leaving 18 survivors. The NTSB implicated a malware infection which disabled critical alarm systems leaving the crew basically blind to major systems failures. People are welcome to their opinions here but I think it's time to get even more serious in prosecuting hackers and other malware creators.

I've said for years that people who attack computer integrity are capable of ruining lives and should be given as harsh of a sentence as legally allowed to deter the next one from even trying it. Maybe my opinions are a little draconian as far as these hackers go, but I hope that the originator of the trojan horse is discovered and charged with 154 federal homicide counts and then sued by the 18 survivors into oblivion.

 

[Orion]

Because I'm a sci-fi nerd, the first thing I thought of is Battlestar Galactica and how the Cylons were able to infect computers that were networked. How exactly does malware get into an on board flight system unless it is connected to an outside source? Maybe flight companies should reconsider making their systems opened to the world wide web where hackers can gain access.

 

[LaMidRighter]

Because I'm a sci-fi nerd, the first thing I thought of is Battlestar Galactica and how the Cylons were able to infect computers that were networked. How exactly does malware get into an on board flight system unless it is connected to an outside source? Maybe flight companies should reconsider making their systems opened to the world wide web where hackers can gain access.

That was the thing, the article mentioned that all these systems network to each other. I'm thinking a workstation must have had the file and then fed it through. I forgot which type of protocol they mentioned was suspect but it's a creepy thought that major flight control systems can be disabled that easily. I completely agree that seperate intranet systems should be used with zero access to outside computers.

 

[Hoplite]

This leads me to ask why there was no (or lax) antivirus or malware prevention software present.

In the digital age, such software is a basic form of protection that anything hooked up to anything else should have. If you dont use the software, I have little sympathy for you if you get infected.

It's like unprotected sex; it is at least partially your fault if you catch something because you didnt do the bare minimum to protect yourself.

 

[LaMidRighter]

This leads me to ask why there was no (or lax) antivirus or malware prevention software present.

In the digital age, such software is a basic form of protection that anything hooked up to anything else should have. If you dont use the software, I have little sympathy for you if you get infected.

It's like unprotected sex; it is at least partially your fault if you catch something because you didnt do the bare minimum to protect yourself.

You have a point in a way, there is responsibility on the part of the air traffic network to insure all systems are functioning properly but the passengers on the plane are innocent in all of this. All they did was buy a ticket and expect a reasonably safe flight. The big problem though with blaming ATC though is that this trojan horse was suspected to have hit the VPN network(after re-reading the article) and these are less protected backdoors that hackers love to use, apparently the antivirus software was completely bypassed as these networks are not necessarily as protected.

Again, the hacker assumes the majority of the blame here IMO as it is his malware that corrupted critical files and had those not been created the plane would never have even taken off. The flight crew and passengers literally had no chance.

 

[Hoplite]

You have a point in a way, there is responsibility on the part of the air traffic network to insure all systems are functioning properly but the passengers on the plane are innocent in all of this. All they did was buy a ticket and expect a reasonably safe flight. The big problem though with blaming ATC though is that this trojan horse was suspected to have hit the VPN network(after re-reading the article) and these are less protected backdoors that hackers love to use, apparently the antivirus software was completely bypassed as these networks are not necessarily as protected.

Again, the hacker assumes the majority of the blame here IMO as it is his malware that corrupted critical files and had those not been created the plane would never have even taken off. The flight crew and passengers literally had no chance.

I agree that a great deal of the blame rests on the creator of the malware however the airline that flies the plane shares in that responsibility. They were responsible for protecting their network and it seems as though they didnt do such a good job of it. When people die because a business failed to take adequate safety measures to prevent something, part of the responsibility for the fatalities rests on their shoulders.

 

[LaMidRighter]

I agree that a great deal of the blame rests on the creator of the malware however the airline that flies the plane shares in that responsibility. They were responsible for protecting their network and it seems as though they didnt do such a good job of it. When people die because a business failed to take adequate safety measures to prevent something, part of the responsibility for the fatalities rests on their shoulders.

I think we agree for the most part. What I believe ended up happening was that to save money a single open network must have been used, possibly past the money issue the dept. may not have had the manpower to create and maintain a seperate network or even some workstations may have needed to be accessed by non-flight engaged controllers to feed info to the system.

In any case I think that flight computers should be on a seperate network not open to the rest of the computers specifically for this issue. Even if it takes hiring an intermediary to communicate commands between the two system operators by physical means such as radio or phone I'd say it would be worth it to avoid a future catastrophes such as this.

 

[Hoplite]

I think we agree for the most part. What I believe ended up happening was that to save money a single open network must have been used, possibly past the money issue the dept. may not have had the manpower to create and maintain a seperate network or even some workstations may have needed to be accessed by non-flight engaged controllers to feed info to the system.

In any case I think that flight computers should be on a seperate network not open to the rest of the computers specifically for this issue. Even if it takes hiring an intermediary to communicate commands between the two system operators by physical means such as radio or phone I'd say it would be worth it to avoid a future catastrophes such as this.

The only way you could really ensure there was zero risk would be either to have NO communication whatsoever with any other network. That isnt practical as you need firmware and software updates as well as GPS and navigational information.

The other alternative is have flight computers communicate in a language that programs dont understand unless they've been designed to.

Better just to have serious anti-virus software.

 

[LaMidRighter]

The only way you could really ensure there was zero risk would be either to have NO communication whatsoever with any other network. That isnt practical as you need firmware and software updates as well as GPS and navigational information.

The other alternative is have flight computers communicate in a language that programs dont understand unless they've been designed to.

Better just to have serious anti-virus software.

True on the av software but I've been hacked in times that I thought I was bulletproof as well. Dunno, I guess I'd rather a dual network with a human communicating the two commands just to be safe. I'll let the pros sort this one out.

 

[Hoplite]

True on the av software but I've been hacked in times that I thought I was bulletproof as well. Dunno, I guess I'd rather a dual network with a human communicating the two commands just to be safe. I'll let the pros sort this one out.

There's no such thing as bulletproof. In my experience, those who consider themselves "impervious" to viruses or malware often have the biggest security holes.

 

[LaMidRighter]

There's no such thing as bulletproof. In my experience, those who consider themselves "impervious" to viruses or malware often have the biggest security holes.

I agree with that. Learned that lesson the hard way. LOL!

 

[rathi]

It is nothing but shear incompetence that this was allowed to happen. The system used to monitor the aircraft before take-off should operate under a closed network at all times. If you need any kind of firmware or software update, it should be done manually with physical access. Anti-Virus software is worthless, the only real defense is to avoid the attack vector in the first place.

 

[mac]

Because I'm a sci-fi nerd, the first thing I thought of is Battlestar Galactica and how the Cylons were able to infect computers that were networked. How exactly does malware get into an on board flight system unless it is connected to an outside source? Maybe flight companies should reconsider making their systems opened to the world wide web where hackers can gain access.

Probably injected when on board software was updated.

 

[Deuce]

It is nothing but shear incompetence that this was allowed to happen. The system used to monitor the aircraft before take-off should operate under a closed network at all times. If you need any kind of firmware or software update, it should be done manually with physical access. Anti-Virus software is worthless, the only real defense is to avoid the attack vector in the first place.

That's probably precisely when the malware got in. There aren't that many ways to get data of any kind into those computers.