For the first time since 9/11, flights were grounded across the United States on Wednesday, January 11. Nearly 1,000 flights were cancelled and more than 6,000 were delayed due to a computer outage at Federal Aviation Administration (FAA).
The system in question, known as Notice to Airmen (NOTAM), is responsible for sending alerts to pilots to inform them about conditions that could affect their flights, such potential hazards, military exercises, runway closures, and transient air restrictions. Pilots are expected to review NOTAMs before starting their flight.
According to reports, a “corrupted file” impacted NOTAM’s primary and backup systems. Canada experienced the same outage, which delayed many flights.
The NOTAM system failed around 8:28 p.m. Eastern on Tuesday, blocking the distribution of fresh or updated alerts to pilots. The FAA used a telephone hotline to keep departures flying overnight, but an increase in daytime traffic overloaded the telephone backup system, resulting in the halting of all departing flights.
NOTAM is a vulnerable system. Strike Source spoke with Occupytheweb, a well-known cyber security expert and veteran hacker about them. He said, “NOTAM systems are ancient. They are old mainframe systems. It wouldn’t take a state-sponsored group to disrupt them, a skilled hacker could do it. The biggest NOTAM vulnerability is Remote Code Execution that disables the system permanently or long-term.”
While some cyber criminals do have a history of targeting the airline industry, those attacks focus on data theft, not attacking air industry equipment.
While a corrupted file is the reported cause of the outage, cyber criminals could potentially disrupt NOTAM systems. Until the FAA updates its systems, it leaves itself open as a target for malign actors. With the corrupted file as the alleged cause, the FAA may pour more resources into the technology and equipment used to monitor flight vulnerabilities.