[IP] Malware kills 154

Bill Frantz frantz at pwpconsult.com
Tue Aug 24 18:04:14 EDT 2010 

This came in from SANS NewsBites Vol. 12 Num 67 : Did a computer 
virus cause the 150 deaths in the Spanair crash?

  --Judge to Examine Evidence on Malware in Spanair Fatal Air 
Crash Case
(August 20 & 23, 2010)
A Spanish judge will investigate whether or not malware on a Spanair
computer system had anything to do with the system's failure to raise
alerts prior to a 2008 airplane crash that killed 154 of 172 
people on
board.  The official cause of the crash was pilot error; the 
pilots were
found to have failed to extend the airplane's take-off flaps and slats.
However, the investigation also found that a warning system 
failed to
alert the pilots that the flaps and slats had not extended and 
had also
failed to do so on two previous occasions.  Each failure should have
been logged into Spanair's maintenance system, which was found 
to be
infected with malware.  Three failures would have triggered an alarm
that would have kept the airplane grounded until the problem was fixed.
The judge has called for Spanair to release computer logs for 
the days
before and after the crash.  The malware infection appears to have
spread through a flash drive.
Internet Storm Center: http://isc.sans.edu/diary.html?storyid=9433
http://www.securecomputing.net.au/News/229633,trojans-linked-to-spanish-air-crash.aspx
http://www.informationweek.com/news/security/management/showArticle.jhtml?articleID=226900089
http://content.usatoday.com/communities/technologylive/post/2010/08/infected-usb-thumb-drive-implicated-in-deadly-2008-spanair-jetliner-crash/1?loc=interstitialskip
http://www.theregister.co.uk/2010/08/20/spanair_malware/
http://www.msnbc.msn.com/id/38790670/ns/technology_and_science-security/
http://news.cnet.com/8301-1009_3-20014237-83.html?tag=mncol;title
[Editor's Note (Schultz): This is a potentially very significant turn
of events. If the loss of 172 lives can be traced to the 
presence of
malware, corporate executives and government officials are 
likely to
take security risk management much more seriously than they generally
now do.]

OBLegal: Please feel free to share this with interested parties 
via email, but
no posting is allowed on web sites. For a free subscription, 
(and for
free posters) or to update a current subscription, visit
http://portal.sans.org/

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        | gets() remains as a monument | Periwinkle
(408)356-8506      | to C's continuing support of | 16345 
Englewood Ave
www.pwpconsult.com | buffer overruns.             | Los Gatos, 
CA 95032

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list