There was no shortage of major security stories last week, ranging from the Samsung vulnerability that affects some 600 million users to continuing coverage of the leak at the US Government’s Office of Personnel Management. That leak, by the way, now seems to have affected as many as 18 million people, including former, current and prospective federal government.
So among all of these major stories, it’s possible that you may have missed the considerably smaller story of what transpired at the Warsaw Chopin Airport last weekend. For about 5 hours last Sunday (June 21), flights by the country’s national airline LOT were grounded.
The flights couldn’t take off because the ground computers in charge of issuing the flight plans to LOT pilots had been hacked. The hack was able to ‘temporarily paralyze’ the computers that issue prepare flight plans for pilots. Pilots can’t fly planes without flight plans, so the planes were grounded until the problem was resolved.
In total, 20 flights were canceled, several other flights were delayed, and about 1,400 passengers were directly affected. This may sound like small potatoes compared to the other major stories of the week, but the implications considerably larger. After all, if hackers could ground 20 LOT planes, what’s to stop them from eventually grounding 200 planes from a larger airline?
LOT airline executives say passengers’ safety was never at risk during the hack. Indeed, the hack did not have any effect on airplanes that were already in flight, or flights that had already been issued their flight plans.
Still, it’s clear that this type of problem could cause greater havoc in the future. Furthermore, if it happened at a busier airport, the number of people inconvenienced would be far greater. Imagine a hack of this sort at Chicago’s O’Hare Airport or the London Heathrow Airport. Imagine that it took place on a Monday rather than a Sunday, or before a major holiday. “This is an industry problem on a much wider scale,” said LOT chief executive Sebastian Mikosz. “And for sure we have to give it more attention.”
It seems that the attack against LOT airlines was a Distributed Denial of Service attack, more commonly known as a DDoS attack. In such an attack, a computer system is overwhelmed by external communication requests and ceases to function normally.
If a single computer and a single internet connection are used to flood the server, the term DoS is used. If several computers are used, the attack is classified as DDoS. In such attacks, the computers that are used to carry out the hack are known as bots. These are ordinary computers that have been infected through malicious software and coopted into a botnet. The botnet is then activated by a third party when they decide to initiate an attack.
Clearly, you couldn’t have prevented the attack at Chopin International Airport. And unless you’re an airline executive, you can’t prevent a future attack of this from occurring at a different airport. However, as an individual with an internet connection, you can take measures to prevent your own computer from becoming part of a DDoS attack such as this one.
1. Make sure you have a firewall installed and turned on.
Firewalls act as a filter between your computer and the internet. They prevent information from being sent out, or allowed in. An intact firewall prevents your computer from acting as a bot.
2. Install an excellent antivirus and make sure it scans your computer regularly.
Firewalls don’t block viruses or malware, but an antivirus does. Make sure yours is on and active all the time.
3. Keep your software up to date.
By using the latest version of software, you protect yourself from vulnerabilities that may have been recently discovered and patched.
4. Don’t download files (including pictures, movies and more) from a source you don’t know.
Such files could install malware on your computer that transforms your computer into a bot.