Monday's holiday outage that suspended over 1,000 flights was blamed on a technical issue. Photo: DANIEL LEAL/AFP
In In practice, under a doomsday scenario, a successful hack by a nation-state or terrorist group could lead to mass flight departures, delays, and huge losses for airlines.
Though officials believe the risk to life from such an attack is «low». «, a catastrophic cyberattack could still cause «serious damage» from a commercial perspective, according to a 2018 DfT report.
Ciaran Martin, former head of GCHQ's National Cybersecurity Center (NCSC), tweeted: «People are asking, 'What if hackers disabled air traffic control?' This is the response we see today in case of an accidental failure: switch to backup methods, huge delays and costs, but no additional risk to the safety of people.”
Controllers were forced to enter flight data manually instead of relying to the automated system, resulting in a significant slowdown, albeit a short one. full grounding of aircraft.
In the past, air traffic control systems have been targeted. Earlier this year, the European air traffic control authority was attacked by Russian hackers. Eurocontrol said it was targeted, although it was able to successfully defend itself and flights were not disrupted.
NATS maintains a «close working relationship» with the UK security services to guard against the risk of cyberattacks. , according to the annual report, including NCSC.
As the company is seen as a critical infrastructure, UK security services will be involved in preparing the company for possible cyber attacks. This will require testing its security through so-called «penetration testing», where hackers try to find vulnerabilities that attackers can exploit.
Previous National Air Traffic Service Issues
However, the NCSC will not control every aspect of IT.
p>
A spokesman for NATS said he was unable to comment on cybersecurity issues, but noted that he had «many layers of assurance.»
Professor Alan Woodward, a computer science expert at the University of Surrey, says recent outages demonstrate that a cyber-attack on a «peripheral» system, such as a flight plan download system, could be damaging.
He said: “It shows that if you could remove it, it would be very destructive. You can certainly stop a lot of planes on the ground.»
As far as the risk of hacking into the aircraft itself, until now, aircraft have mostly been regarded as extremely difficult targets. They rely on closed systems that require a hacker to have physical access to the aircraft's internal information systems.
Although the cause of the software failure in NATS has not yet been confirmed, a group that is partly owned by the government, airlines and Heathrow Airport and makes money on charges paid by aircraft operators has experienced failures in the past.
In 2013, his internal telephone lines failed, which led to flight cancellations. In 2019, 50 flights were canceled due to radar issues.
NATS is undertaking a massive IT upgrade, including a £750 million phase-out of old technology and tools. In some cases, this has led to the transfer of accounting from paper documents to digital systems. Just two weeks ago, it signed a contract with BT for a massive upgrade of its cybersecurity technology.
Sune Engsig of tech company Leapwork said: “Aviation, like many industries, relies on a patchwork of old technologies. as well as new technologies and software components that have evolved over time.
“With every update and new technology, entire processes and workflows need to be retested to make sure everything works as it should, and As a result, loosely stretched IT teams have to manipulate a lot.”
Свежие комментарии