Flight 370 Investigation: Cyber Ties

Factors Similar to a Cybersecurity Case

By Eric Chabrow, March 22, 2014. Follow Eric @GovInfoSecurity
Malaysian Airlines Capt. Zaharie Ahmad Shah (YouTube)

The investigation of the disappearance of Malaysian Flight 370 is raising issues that are very similar to those considered in cybersecurity cases: the insider threat, deleting potentially key data from a computer, failure to share critical information and even corruption of the supply chain.

Some have raised suspicions about insiders, namely the two pilots: Capt. Zaharie Ahmad Shah, 53, and co-pilot Fariq Abdul Hamid, 24. Malaysian police determined that some data on a computer system used as a flight simulator in Shah's home was erased on Feb. 3, more than a month before the flight. Malaysian authorities have asked the FBI to try to recover the missing data. And the FBI says it appears highly likely it will be able to retrieve the deleted material, according to news reports.

In the case of Flight 370, a transponder that signals to ground controllers the location and speed of the aircraft apparently was turned off or otherwise disabled, suggesting that one of the pilots - an insider - did it. Similarly, experts believe someone - again, perhaps one of the pilots - reprogrammed the flight path in the aircraft's flight management system to veer the Malaysian jetliner away from its original destination of Beijing toward the Indian Ocean.

Could implementing a two-person rule where the pilot and co-pilot each must approve such changes prevent such acts? The NSA, for instance, is implementing a two-person rule that requires two individuals with security clearances to approve access to classified material to prevent a future Snowden-like leak. But such a requirement 35,000 feet in the sky isn't worth the risk. What if one of the two pilots became disabled?

Failure to Share Critical Information

As with many cybersecurity incidents, it appears that in the case of the missing airliner, there was a failure to share key information that could help mitigate the problem. More than a week after Flight 370 went missing, Thailand's Air Force said it might have detected the missing plane on its military radar minutes after the aircraft's communications went down.

And as I alluded to in my most recent blog, Hacking a Boeing 777, supply chain risks exist that could introduce vulnerabilities into an aircraft's IT systems. Whether at five miles in the sky or at sea level, computer components purchased from vendors could be corrupted to alter systems in ways that create an undesirable or dangerous environment.
