154 killed by malware?

Did a malware infection play a  part in killing 154 people in the crash of Spanair 5022 at Madrid’s Barajas airport?  According to a story in Spanish news paper El Pais, quite possibly.   Investigators have found that the computer system used to track maintenance faults in Spanair’s jet fleet was infected with “Trojan Horse” programs, causing it to fail on the day of the crash.  Had the system been up and running, maintenance and flight crews would have possibly received an alert that the aircraft for flight 5022 had experienced repeated technical problems in the days leading up to the crash which should have led to the plane being grounded.   Now, to be fair, Spanair was also under investigation for taking too long to enter fault information into the computer system in the first place, so the malware infection may be just one factor in the cause of the crash.

It is amazing to me that a critical maintenance system would be:

  • Allowed to become infected with malware – was the machine running up to date anti-malware software?  Was the machine allowed to connect to the Internet or use USB storage devices?  It seems to me that a system which is so critical to safety needs to be isolated from the Internet, or at least run within a virtualized sandbox protected from other processes.
  • Not configured for redundancy – why was there no backup for this system?  Hardware fails.  Software fails.  The unexpected happens.  Having a backup system might have saved 154 lives.

I wonder how many other safety critical systems are out there running on improperly secured platforms… IT and InfoSec professionals in industries which deal in life and death have a responsibility to think about the possibility of life safety related impacts from what would be annoying incidents in other industries.  Had Spanair followed some very basic InfoSec and IT bast practices, 154 lives might have been saved.

Leave a Reply