Polish airline LOT was grounded after 'IT attack' took hold
Surely we can't be stuck in Warsaw? You are, and don't call me Shirley
An unspecified IT attack has left 1,400 passengers of Polish flag carrier LOT Polish Airlines stuck in Warsaw, after the company discovered it was unable to file flight plans for its departing aircraft.
Reuters reports that the airline's ground computer system — used to issue the flight plans — had been "hacked" on Sunday afternoon.
The system was "fixed" after five hours, leading to ten cancellations and a dozen or more flights being delayed.
LOT announced that it had "encountered IT attack (sic), that affected our ground operation systems. As a result we’re not able to create flight plans, and outbound flights from Warsaw are not able to depart."
"We'd like to underline, that it has no influence on plane systems. Aircrafts already airborne will continue their flights. Planes with flight plans already filed will return to Warsaw normally," it added.
The company used Twitter to tell world+dog what had happened.
Due to the failure of LOT Polish Airlines computer system a lot of flights were canceled today. Please contact the airline for details— Chopin Airport, WAW (@ChopinAirport) June 21, 2015
A LOT spokesperson said the company had taken care of the passengers on Sunday evening and claimed it was providing hotels for those who needed to stay in Warsaw overnight.
Spokesman Adrian Kubicki stated that at no point was the safety of ongoing flights compromised and flights destined for Warsaw were able to land safely. No other airports were affected, he added.
"We're using state-of-the-art computer systems, so this could potentially be a threat to others in the industry," Kubicki said. The attack is now being investigated by the authorities.
LOT's system is working again. All delayed flights will operate today.— Chopin Airport, WAW (@ChopinAirport) June 21, 2015
Details of the alleged IT attack have not been forthcoming, and reports about the "hack" have been a topic of debate amongst security researchers on social media, including Mikko Hypponen, chief of infosec firm F-Secure, and pseudonymous infosec researcher the grugq.
@mikko maybe. The story doesn't make sense, and most of the actual info so far suggests a "glitch" caused by an unauthorized user— the grugq (@thegrugq) June 22, 2015
The in-flight security of airliners has been a topic of much public alarm in recent months. Security researcher Chris Roberts claimed to have "hacked a plane" in May, and was subsequently nabbed by the FBI, despite avionics and entertainment systems being thoroughly isolated.
I'd say "told you so..." But I'm going to just hang back and see what the final vector is/was... https://t.co/x9cyYUvVQp— Chris Roberts (@Sidragon1) June 22, 2015
The Register has contacted LOT regarding the type, and result, of the attack experienced. We will update or follow-up this article when more information has been provided to us. ®