United Airlines said it had no further detail to add to its explanation for this week’s service disruption, which was caused by a router. It’s the latest in a series of technical glitches experienced by the airline – and its customers -- since adopting Continental Airline’s passenger management system in 2012 after United acquired it in 2010.
Since United isn’t talking, it’s anyone’s guess outside of United what occurred in the router to interrupt service. There’s some discussion on Reddit that a route misconfiguration leak caused by a new site turn-up “blackholed” one of United’s vital data centers.
There are reports that an “automation issue” took down the router and the United network. Network World blogger Scott Hogg, CTO for Global Technology Resources, says the router could have been running an automation script that pushed faulty configuration commands to other routers.
And even though United indicated it was an internal operation that crippled its service, Network World blogger Linda Musthaler says airline flight plan systems are highly susceptible to DoS attacks. She wrote recently of Polish airline LOT unable to issue flight plans to pilots due to a DoS attack, thereby suspending flight operations.
From Musthaler’s blog:
Aviation experts say that many other airlines could be at risk of a similar DoS attack because they use the same type of system to upload company-generated flight plans to planes. Although the potential exists for hackers to upload bogus flight plans, these plans are not directly input into onboard computer systems on the planes. What's more, pilots are most likely to notice if they are given incorrect flight plans. So within the aviation industry, the concern is less about hacking into flight plans than it is about DoS'ing the computers that communicate those plans to the planes that are preparing for takeoff.
Musthaler suggests the same DoS attack could have befallen United in the outage in June, and perhaps this week.
More from Cisco Subnet: