back to article Oddly specific 'cyber attack' hits Alaskan airline RavnAir and one plane type

A small Alaskan airline has suffered a curiously specific "cyber attack" that mostly affected its De Havilland Dash 8 airliners. RavnAir Group declared on 21 December that it had "experienced a malicious cyber attack on our company's IT network" the day before, causing it to cancel all of its flights operated with Dash 8s on …

  1. andro

    It seems likely that the plane had old software on an old windows system and may have just been vulnerable when other systems were not. It sounds unlikely the dash 8 or the airline were targetted specifically.

    1. yoganmahew

      More likely the maintenance system ran only on old operating systems, Win XP or older.

      If it is the maintenance systems scrambled and they don't have a historical backup, the planes are effectively scrap. Without a documented maintenance history, they won't be permitted to fly (leaving aside the maintenance scheduling aspects and the requirements to confirm). It may be they can fallback to paper, but my guess is the paper processing skills have long since been made redundant.

      I've said it before, airlines are enormous nickel-and-dime IT shops with shiny planes in front of them. Without IT, your airline is grounded, there are many, many components to that IT and generally you can't just go to pilotjobs.com and hire in something different.

      1. Cynic_999 Silver badge

        It is highly unlikely that there will not be paper backups. All aircraft maintainance I have ever known have have involved paper check forms, log books and physical signatures.

        1. Anonymous Coward
          Anonymous Coward

          Incorrect... and only know this because I literally wrote part of the backend for just such a paperless end-to-end system that went operational a few years ago :)

  2. getHandle
    Happy

    Shame one of their other airlines wasn't called PenTestAir...

  3. Dwarf Silver badge

    They probably flew in some experts to resolve the problem

    Oh, hang on ....

  4. Quentin North

    old aircraft maintenance systems

    I used to work on fixed and moving wing aircraft maintenance records systems last century and the likelihood is, give that they are using the older dash 8 , that the system has not been upgraded either and is probably still running on NT or 98. If you can't see the maintenance record of the aircraft it shouldn't be flown, thats the most likely reason for the cancellations. Its unlikely that the aircraft itself was compromised.

  5. Anonymous Coward
    Anonymous Coward

    My guess

    If it only affected the maintenance of their dash 8 fleet, maybe it only affected the hangar where that's done. EG. maybe someone stuck a dodgy USB stick in one PC in that building and they pulled the plug while over in the Boeing (or whatever else they fly) hangar they weren't affected.

  6. Anonymous Coward
    Anonymous Coward

    Ex airline engineering IT

    Not at all out of the ordinary for particular aircraft variants - even specific _airframes_ - to have specific software for those craft alone. Common culprits are stuff like engine diagnostic downlink, stuff like that. I can definitely name specific bits of kits / parts of IT infrastructure being knocked out leading to certain airframes not flying the next day.

    Alas, standardisation = $$$ in airplane world.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020