Malware accused in fatal plane crash ...

Ron Beaufort

Lifetime Supporting Member
Join Date
Jul 2002
Location
Charleston, SC
Posts
5,701
Last edited:
You have to wonder if the articles are written in a misleading way on purpose, or if the writers and editors just don't care about technical detail. That article came from TechNewsDaily, who claim that they try to make technical news accessible to nontechnical readers.

The article implies that the infected diagnostic computer was "in the aircraft", but also says it was a "central computer". I'd say the article is trying hard to imply that a malware infection caused malfunction of the aircraft's onboard systems.

Of course not.

My guess, after reading a Wikipedia article and one in The Register is that the infected computer was part of a maintenance and diagnostic system that downloads reports from the aircraft's onboard computers every time the airplane connects. I presume this is during turnaround; I doubt that there is a data connection from a 1990's era MD-82 in flight.

The investigation of JK5022's crash has gone into significant detail on the minor maintenance mistakes made prior to the crash, but the Spanish aviation authorities agree that all three of the safeties (configuration checklist, confirmation checklist, and onboard indicator) were ignored and allowed the pilot of that MD-82 to throttle up with his slats and flaps retracted.

Accidents are seldom accidental.
 
For many years, bad programmers build trojans in the program controllers.
If the customer pays for the work completely, then they remove the Trojans.
Otherwise, after some time the equipment stop - the time bomb is triggered.
In Russia there were many such cases - especially a lot of criticism on the Italians.
During a crisis, people can lose all moral principles.
 
Greetings Ken ...

you're absolutely right – and trust me, I hesitated to post that – for pretty much the same reasons that you mentioned ... I usually don't go in for "the sky is falling" type alarms ...

but ...

the fact is that viruses (and other such nastiness) seem to be getting worse and worse – and closer and closer to home ...

I offered the piece as just "something to think about" when it comes to the type of gear that gets plugged into the control systems that we work with ... from a PLC standpoint, hopefully we'll never be plagued by this sort of thing ... but nowadays it's getting more and more common for the PLC to be just one short step away from a "vulnerable" computer – and from its network ...

personally, I've always campaigned for programming the PLC so that it could (in an emergency) "stand alone" and keep the plant running ... in simplest terms, put the basic recipes for Widget-A and for Widget-B INSIDE the PLC program – and then allow the SCADA/HMI system to select which one of those recipes gets executed ... then – if some misfortune befalls the SCADA/HMI system - a knowledgeable technician could toggle a bit or two and at least get the plant back into a "let's-make-SOMETHING" type of emergency operation ...

I'm aware of several systems that incorporated ALL of the recipes in the SCADA/HMI – which forced the plant's PLC-controlled machinery to sit idle for a day or two while the IT department replaced and commissioned a new "white box" computer that had crashed ... personally, I see that as an "unwise" type of arrangement ... the PLCs are pretty much bullet proof – but more and more they're being married to some type of vulnerable computer and/or network configuration ...

question to think about: if the "white box" computer gets trashed, will the PLC still be able to keep the plant in at least "some type" of emergency operation? ... if the answer is "no" – then I'd suggest that we be mindful of how that indispensable computer gets treated ... and there are a lot of scumbags out there who are intent on trashing that computer ...


that was my point ... party on ...
 
I would hold judgement until more details comes out. The crash happend 2 years ago and they only found about this "malware" now? I like to see the actual investigative report on this without the media filtering.
 
to answer a PM from harryting ...

Harry ...

I assure you that I didn't take your post as anything personal against me - and I didn't mean anything against you personally either ...

it's just that my original post in that thread had a point to make ...

Ken apparently missed the point ... so I wrote a LOT more ... then it seemed like you had missed the point too ... I'm not sure WHAT more I could write to nail the point down any better ... but – let me try again ...

my ONLY point had ZERO/NOTHING to do with the "controls" involved in that unfortunate plane crash ... instead I intended to use the crash as a specific example to advance the thoughts that:

(1) "white box" computers seem to be more-and-more involved in everything being controlled these days ...

AND ...

(2) "white box" computers seem to be more-and-more vulnerable to malware attacks these days ...

SO ...

(3) since our PLCs are connected more-and-more with "white box" computers, perhaps we should be mindful of this situation ...

that's all ... and now I really and truly do "give up" ... if someone disagrees with the three thoughts I've advanced above – so be it ... I apologize if I didn't make myself more clear in my original post ...

peace to all ...
 
Last edited:

Similar Topics

More hack issues on PLCs The Hacker News: Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems...
Replies
1
Views
1,247
https://www.digitaljournal.com/pr/schneider-omron-targeted-by-electricity-grid-malware If you are using these PLCs, you may want to dig into this...
Replies
2
Views
1,674
Anyone else heard of PIPEDREAM? Is it a real threat or hype? What can we do to protect control systems from malware (other than refusing to...
Replies
5
Views
2,480
Salve ragazzi... questa volta non so proprio da dove iniziare... ho bisogno di un immensa mano.ù volevo sapere cosa si deve fare per risanare il...
Replies
4
Views
2,608
I have a weird question, or at least I think so. It is not something I would do, and I have never met people that would do things like this. I...
Replies
37
Views
10,523
Back
Top Bottom