The Public Eye with Eric Chabrow

Flight 370 Investigation: Cyber Ties

Factors Similar to a Cybersecurity Case
Flight 370 Investigation: Cyber Ties
Malaysian Airlines Capt. Zaharie Ahmad Shah (YouTube)

The investigation of the disappearance of Malaysian Flight 370 is raising issues that are very similar to those considered in cybersecurity cases: the insider threat, deleting potentially key data from a computer, failure to share critical information and even corruption of the supply chain.

See Also: Live Webinar | Navigating Identity Threats: Detection & Response Strategies for Modern Security Challenges

Some have raised suspicions about insiders, namely the two pilots: Capt. Zaharie Ahmad Shah, 53, and co-pilot Fariq Abdul Hamid, 24. Malaysian police determined that some data on a computer system used as a flight simulator in Shah's home was erased on Feb. 3, more than a month before the flight. Malaysian authorities have asked the FBI to try to recover the missing data. And the FBI says it appears highly likely it will be able to retrieve the deleted material, according to news reports.

In the case of Flight 370, a transponder that signals to ground controllers the location and speed of the aircraft apparently was turned off or otherwise disabled, suggesting that one of the pilots - an insider - did it. Similarly, experts believe someone - again, perhaps one of the pilots - reprogrammed the flight path in the aircraft's flight management system to veer the Malaysian jetliner away from its original destination of Beijing toward the Indian Ocean.

Could implementing a two-person rule where the pilot and co-pilot each must approve such changes prevent such acts? The NSA, for instance, is implementing a two-person rule that requires two individuals with security clearances to approve access to classified material to prevent a future Snowden-like leak. But such a requirement 35,000 feet in the sky isn't worth the risk. What if one of the two pilots became disabled?

Failure to Share Critical Information

As with many cybersecurity incidents, it appears that in the case of the missing airliner, there was a failure to share key information that could help mitigate the problem. More than a week after Flight 370 went missing, Thailand's Air Force said it might have detected the missing plane on its military radar minutes after the aircraft's communications went down.

And as I alluded in my most recent blog, Hacking a Boeing 777, supply chain risks exist that could introduce vulnerabilities into an aircraft's IT systems. Whether at five miles in the sky or at sea level, computer components purchased from vendors could be corrupted to alter systems that create an undesirable or dangerous environment.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.