Russian hackers attacked U.S. aviation as part of breaches
(Bloomberg) -- Russian hackers attempted to penetrate the U.S. civilian aviation industry early in 2017 as part of the broad assault on the nation’s sensitive infrastructure.
The attack had limited impact and the industry has taken steps to prevent a repeat of the intrusion, Jeff Troy, executive director of the Aviation Information Sharing and Analysis Center, said Friday. Troy wouldn’t elaborate on the nature of the breach and declined to identify specific companies or the work that was involved.
“It hit a part of our very broad membership,” Troy said. The intrusion wasn’t something that would directly harm airplanes or airlines, he said. “But I did see that this impacted some companies that are in the aviation sector.”
Troy’s comments confirmed the effects on aviation of a Russian attack that was described more broadly on Thursday by U.S. government officials. The assault was aimed at the electric grid, water processing plants and other targets, the officials said, in the first formal confirmation that Russia had gained access to some U.S. computer systems. The Department of Homeland Security and Federal Bureau of Investigation identified aviation as one of the targets, but didn’t provide specifics.
The trade group Airlines for America declined to comment on the report.
Troy’s group, also known as A-ISAC, represents aircraft manufacturers, equipment suppliers, satellite builders, airports and airlines, among other elements of the broad industry. Similar groups monitoring cyber-attacks across more than a dozen sectors of the economy were formed by a presidential directive in 1998 and were bolstered several years later after the Sept. 11, 2001, attacks.
Troy said the aviation assault was detected in the early stages when hackers typically perform surveillance, test a network’s defenses and devise the software weapons to use.
In the energy industry attack, the hackers used smaller companies’ networks to insert malware that allowed them to then gain access to power plant computers, according to the government alert Thursday.
A disruption of the airline and private-aircraft systems could have enormous economic and psychological effects. In recent years, several airlines have had to halt operations and suffered millions of dollars of lost revenue when their computer reservation systems crashed, for example. Terrorists have long targeted aviation because of its out-sized impact on society.
The focus on the aviation sector highlights the risks to large infrastructure systems from cyber intrusions, said Lance Hoffman, distinguished research professor at George Washington University’s Department of Computer Science. Aviation companies like airlines, along with systems like the air-traffic control network, operate with increasingly connected computers that are inherently vulnerable to hacking, Hoffman said.
“How do you build a system and test it and get it right?” he said. “That is a hard question.”
Bloomberg News reported in July that Russian hackers had breached more than a dozen power plants in seven states, an aggressive campaign that has since expanded to dozens of states, according to a person familiar with the investigation.
--With assistance from Jennifer A. Dlouhy and Michael Riley