Published 4 November 2010
This summer we saw the release of the world's first cyber superweapon, which was said to be targeting Iran's nuclear facilities as well as infrastructure systems in China; the Stuxnet worm could break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves; a similar cyber weapon could allow an attacker to take down air-control systems
Around the world, around the clock, circles of flickering screens keep aircraft apart in the air, ease them gently down to the ground, and guide their precious human cargoes off the runway.This finely choreographed global dance of large, speeding planes moved almost five billion passengers in 2009, according to data from Airports Council International.
What would happen, though, if all these screens went blank?
Inside the glass bulb of the Hong Kong airport control tower, a dozen staff watch the dots on their computers transform into planes rapidly descending from the sky. A few floors below, more staff sit at screens in a room with no windows and keep digital tabs on all of the city’s airspace, from the tip of the tower to far out over the South China Sea.
Computers, radar, navigation and weather data systems, radio communications — all work together to allow aircraft to land, take off, and taxi without incident.
Computers are vulnerable to cyber attack, though, and this worries the world’s intelligence community.
AFP reports that the head of Interpol, Ronald K. Noble, issued a stark warning to the international police agency’s first ever cyber-threat conference in Hong Kong in September. “We have been lucky so far that terrorists did not — at least successfully or at least of which we are aware — launch cyberattacks,” he told 300 of the world’s top law enforcement officials from fifty-six countries. “One may wonder if this is a matter of style. Terrorists may prefer the mass media coverage of destroyed commuter trains, buildings brought down. But until when?”
Within weeks of Noble addressing the conference, news broke of the world’s first cyber superweapon which was said to be targeting Iran’s nuclear facilities as well as infrastructure systems in China. The Stuxnet worm could break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.
It could, technically, make factory boilers explode, destroy gas pipelines, or even cause a nuclear plant to malfunction.
A worm is piece of malicious software (malware) which copies itself and sends itself on to other computers in a network, usually without the computers’ operators even knowing it is there.
At Hong Kong’s Chek Lap Kok airport, nobody seems particularly worried. Carl Modder is the senior man on deck in a control tower that handles a take-off or landing every minute of the day.
“Our system runs on
rails really,” Modder told AFP.
And we have multiple layers of contingency procedures and fall-back systems that can cut in when required to minimize risk of failure to the air traffic control system. For instance, we have four separate radar systems. They can all work independently. If one were to go down the others would still work.
Plus… The human element is also very much part of the system. The final decision to allow an aircraft to take-off or land is taken by a human, not a computer.
Ir Leung Ping-keung, the man in charge of the airport’s 50 technical systems, is certain that there is no risk from cyber attack. “It is a closed system,” he told AFP. “There is no connection between our systems and the Internet nor is there USB access.”
Yet computer security experts are not convinced.
Alan Paller, director of research at U.S.-based computer security organization the SANS Institute, says there is a fundamental weakness in the “not connected to the Internet” argument.
The average air traffic controller cannot email or surf the web from the control systems, he explained. “But when most managers say there is no connection to the Internet, they are unaware of maintenance connections,” he told AFP. “Behind the scenes there are almost always semi-direct connections through routers shared between the control system and business systems that can be exploited. Worms and attackers can find them easily.”
In January 2003, he said, the Bank of America reported that its ATMs had been disabled by an Internet worm — that was after the banks assured the world that their ATMs were “not connected to the Internet.”
The most serious cyber attack on the U.S. military came from a tainted flash drive in 2008 inserted into a military laptop in the Middle East which released malicious code that spread undetected in classified and unclassified systems.
It established “what amounted to a digital beachhead, from which data could be transferred to servers under foreign control,” Deputy Defence Secretary William Lynn said in August.
The threat is even greater now, Paller says. “One of the most virulent new vectors is smartphones — especially Android-based (the Google operating system) smartphones,” he said. “People plug them into their computers, even computers not connected to the Internet, not for data transfer but to recharge the battery — not knowing that behind the scenes their phones have been infected and are a carrier between the Internet and the better protected networks.”
In the skies, though, there is still, ultimately, a human in charge: the pilot. Hong Kong airline Cathay Pacific trains their pilots to face all eventualities they can think of, including a sudden collapse in the air traffic control system.
Blank screens could cause massive disruption but not necessarily disaster. “Pilots are still trained to fly visually,” a Cathay spokesman told AFP. “We also have communications with our aircraft and can keep them informed with what is going on.”
http://homelandsecuritynewswire.com/cyber-attack-could-paralyze-air-traffic?page=0,1
