Security Short Take: Was the Polish LOT airline really hacked?

LOT Polish Airlines cancelled 10 flights and delayed 12 others on Sunday, saying its ground computer systems had been attacked. The attack kept the airline from creating flight plans for outbound planes, effectively grounding around 1,400 passengers at Warsaw Chopin Airport.

But questions later surfaced about whether the airline was actually attacked or something less sinister was going on.

Based on statements from the airlines and information from other sources, here’s what happened:

1. After initially reporting the attack, the airlines offered up a second statement noting an “IT attack that affected our ground operation systems.” The airline stressed that the problem did not affect any flights in the air or those that had already filed their flight plans.
2. The airline’s computer system was affected about 4 p.m. local time but was back in operation by about 8:20 p.m., according to TVN24.
3. About 45 minutes later, at 9:06 p.m., LOT released a third statement confirming that its ground system operations were back up and running.

In the aftermath of the problem, security experts raised questions on Twitter about the attack as it had been outlined by LOT. To them, it sounded more like a minor issue caused by someone improperly using the airline’s systems — not a full-fledged cyberattack.

Even if the problem turns out to be minor, concerns about airline safety and cybersecurity continue to arise. Earlier this year, for instance, the FBI contended that cybersecurity researcher Chris Roberts caused an airplane’s engine to climb after hacking its software. (Roberts wasn’t charged, but United Airlines banned him from its flights.)

With reports from Darlene Storm at Computerworld.