📷 Key players Meteor shower up next 📷 Leaders at the dais 20 years till the next one
NEWS
Public health and safety

FAA hit by cyberattack, finds no damage

Bart Jansen
USA TODAY
An air traffic controller works in a terminal radar approach control room in Peachtree City, Ga., on April 18, 2011.

The Federal Aviation Administration discovered malicious software from email in its computer system in early February, but the agency said Tuesday it found no damage from the cyberattack.

"The agency immediately took steps to block and contain the virus and clean any affected computers," the FAA said in a statement. "After a thorough review, the FAA did not identify any damage to agency systems."

The incident was first reported by Nextgov.com.

The FAA revealed the incident April 2 in announcing a single-source contract with SRA International Inc. of Fairfax, Va., to provide support services for the FAA's Cyber Security Management Center's security operations center.

The initial four-month contract could continue until Feb. 29, 2016, as the FAA decides how to hold a competition for the contract.

"The FAA requires additional planning time to determine the impact of the competitive procurement's requirements," the FAA announcement said.

Security experts have warned for years about the threat of cyberattacks on aviation, possibly to shut down the air-traffic control system or to send wrong information to controllers and pilots. But the extent of the threat is difficult to quantify.

Jeff Price, associate professor of aviation management at Metropolitan State University in Denver, said cyber threats so far have focused on airline reservation systems, which can disrupt flights for hours and cost millions.

"Most of the attacks are service disruptions, but a few do affect safety and security," Price said.

The potential threat is that hackers could shut down a radar facility or put up false information through air-traffic control for planes that are landing or avoiding one another, Price said. The risks could grow as the industry shifts from radar control to GPS navigation, under a program called NextGen.

"This may open up a Pandora's box of cyberattacks on aviation," Price said.

A Government Accountability Office report released in March said cyber threats to the FAA "are evolving and growing" from sources including criminals, foreign governments, terrorists and other adversaries. Despite FAA efforts to safeguard air-traffic control, "significant security control weaknesses remain," the report said.

"These shortcomings put (National Air Space) systems at increased and unnecessary risk of unauthorized access, use or modification that could disrupt air traffic control operations," the GAO report said.

The FAA's ability to coordinate 46,000 controllers monitoring thousands of flights at a time relies on more than 100 systems processing radar, weather, flight plans and navigational guidance.

"Safeguarding federal computer systems and the systems supporting the nation's critical infrastructures, including the NAS, is essential to protecting national and economic security and public health and safety," the GAO said.

Featured Weekly Ad