Risking chaos in the sky

Higher tech makes flight ops more vulnerable.

FAA’s Next Generation ATC system promises more efficient operations at higher traffic density. But it may open new vulnerabilities to high-tech disruption.

It is a grim vision of what may lie ahead. This February, barely a month after Operation Aurora was uncovered, authorities reported yet another major incident of cybercrime. In one of the largest and most sophisticated cybercriminal attacks yet seen, intruders broke into more than 75,000 computer systems at nearly 2500 companies around the world.

The attack targeted corporate data, e-mails, credit card transaction data and login credentials at companies in the health and technology industries in 196 countries. Called the “Kneber bot,” the intrusion appears to have been run by a criminal ring in eastern Europe.

It lured employees at the target companies to download malware or open e-mail carrying infected attachments. The malware then commandeered the users’ computers, scraped them for login names and passwords, then used that data to hack into still more systems.

These attacks showed a sophistication approaching that of nation states such as Russia and China, according to Amit Yoran, CEO of NetWitness, a Virginia-based computer security firm. In addition to private companies said to include Boeing and Lockheed Martin, Internet service providers and educational institutions, the group penetrated 10 government agencies.

According to some accounts, FAA was among them. Kneber reportedly began by targeting credentials for online social networks, financial services, and e-mail accounts. Facebook and Yahoo login data appear to have been particularly prized. More recently, the ring has begun to target banking and financial equity trading sites.

It was able to steal some 68,000 login credentials in just 4 weeks. It was believed to have been operating for 18 months as of February. In one sense, Kneber was nothing new. It was built with a toolkit called ZeuS, which hackers have been using for years to assemble networks of commandeered computers, known as botnets.

It used to be that serious hacking required advanced skills in network operations, computer security and other arcana. ZeuS changes all that. It is a prepackaged intrusion tool, and with a little study almost anyone can use it to launch an attack.

Less powerful tools have long been available for use by “script kiddies,” as more capable hackers sometimes derisively call them, but this new generation of software has dramatically raised the danger level for networks that once could have been considered safe.

The situation may be still more dangerous, owing to what appears to be another innovation. More than half of the computers infected by Kneber also contained spamming software built with Waledac, another high-powered intrusion tool. And that, according to Alex Cox at NetWitness, brings up an unpleasant possibility.

Let’s say that computer security firms devised a cure for the Kneber infection and destroyed the botnet. In theory, the ring could still use the Waledac malware to re-enter the infected computers. They would then rebuild their Kneber software and recapture the machines.

Suddenly, getting rid of an infection no longer means that it is gone for good, or even for long. By combining ZeuS and Waledac, or pairing any of several other such tools, even beginning hackers can now mount a cyberattack that is both devastating and devilishly hard to get rid of.

This February, officials from 18 federal agencies, 9 states, 4 foreign governments and nearly 40 private companies took part in a war game called Cyber Storm II, run by the Dept of Homeland Security. It simulated an attack originating in Sudan and spreading through an NCAA basketball tournament application for cell phones.

The attack took down telephone land lines, Internet connections, stock exchanges and—in a clear indication that computer security authorities take this threat seriously—the ATC system. During the 4-hour, $6-million exercise, security experts were never even able to pinpoint the source of the attack. To many, it appeared to have come from Belgium.

Attempts to bring the attack under control proved both informative and disturbing. At an emergency meeting of a mock Natl Security Council, it became clear that, to prevent further spread of the virus, the government needed to take people’s cell phones offline. “We don’t have the authority in this nation as a government to quarantine people’s cell phones,” the stand-in attorney general reported.

It was just one of many technical, legal and regulatory obstacles that made it difficult to deal with the simulated cybercrisis. In the end, the group concluded that the US is simply not prepared to face a major cyber assault.

Future prospects

That assault may never come, at least to the ATC system—yet, if it comes at all, ATC is a logical target. And despite the Obama administration’s stated priority of fixing cybersecurity, the national airspace seems poised to become much less safe over the next decade or so.

FAA’s NextGen system is intended to take most ATC functions out of the control tower—where flight controllers are already stretched almost to breaking point—and move them into the airplane. According to plan, this should make it much easier to govern the airspace in 2025 and beyond, when it will be shared by an estimated 80,000 flights per day.

For our current purposes, NextGen has certain key features. Flightpaths will be tracked by GPS, rather than radar. Pilots will view horizontal and vertical navigation data for the aircraft and its neighbors on an automatic dependent surveillance–broadcast (ADS-B) display.

Photo caption: Shanghai Jiaotong University, one of China’s premier computer science schools, is also a breeding ground for computer hackers and military cyberspies.

Data for aircraft not in the NextGen system—mostly small private aircraft—will come from ground control. Aircraft will automatically report their positions to nearby airplanes within the system and recommend course changes to controllers on the ground.

In an emergency, the onboard guidance system will take action on its own, although the hope, of course, is that emergency maneuvers will become even less common once NextGen goes into operation. But NextGen could easily create hacking opportunities far beyond anything in today’s ATC system.

“The air traffic control backbone is going to look a lot like the Internet,” comments Tom Fuhrman, an expert in computer security and senior vp at Booz Allen Hamilton, which has managed much of the development program for FAA. “It will be a large network using common technology and common platforms, and it will be vulnerable to the same kinds of threats, such as viruses or cyberattacks,” he commented in an interview this February.
