BUFFALO, N..Y. (WBEN) "My first thought was that something dramatic was happening with the FAA putting a ground stop on every single flight in the country for the first time since 9-11," said Cyber security consultant Michael McCartney on WBEN.
It was determined very quickly that it was the NOTAM system, or Notice To Air Missions, which warns pilots of hazards on their route including closed air space or runway closures or even bird activity in an area.
"The system went down almost simultaneously around the country. In an abundance of caution, the FAA grounded all flights. Being a cyber person, I immediately wondered if this was a cyber attack, or is this just another antiquated system that had a critical system failure that rippled through the
NOTAM system," wondered McCartney.
Is this an example of just how vulnerable computer systems are to an attack that can bring an industry to its knees, whether it's from a malfunction or a hack form the outside?
"Absolutely," added McCartney. "With all of the scrutiny that Southwest Airlines faced recently for an antiquated scheduling system, I think the FAA is going to come under more significant scrutiny. They are running antiquated systems and receive a ton of funding from the federal government. I recently read that the systems they are using are ten to fifteen years old. They were designed to handle about 100-million flights a year. Currently we're seeing about a billion flights a year."
Less than 2 hours after the U.S. grounding order was restored Wednesday, the Canadian Pilot-Alert system went down. Canada's NOTAM system outage lasted for nearly three hours.
NAV Canada spokeswoman Vanessa Adams told Global News the outage was a coincidence. "We are still investigating the root cause of the failure," she said in an email statement. "At this time, we do not believe the cause is related to the FAA outage experienced earlier today."
"The fact that their NOTAM system went down the same day, tends to lead me to think that maybe this could be a cyber attack," said McCartney. "But keep in mind, if our intelligence community thinks it is, they're not going to tell us anytime soon. And if forensic investigation is conducted, it's going to take time. To get to a high degree of forensic certainty, that this was some type of
cyber attack, it will take time and if they do determine it is, it will be interesting to see if they tell us," he added.
When it comes to safeguards, we asked McCartney if it's important to have analog back-up systems?
"The biggest failure, other than running old systems that can't handle current transactions, is redundancy. When it comes to ransomware the biggest defense is redundancy, having a backup system that can run if the primary system is going down. You can revert very quickly to the redundancy system to keep things going. I think we're failing in that regard at the airline level and at the FAA level and even at a corporate level," he added.
