
Enterprise IT Context for the CTO

Bob Gourley




The Air Traffic Control System: We all assumed it was vulnerable, but now we know

Bob Gourley

There have been rumors in the security community for several weeks now about outages in the Swedish Air Traffic Control System that may have been caused by malicious activity. Reporting now indicates these rumors may in fact be true.

There have not been any official government reports on this, and there is no publicly available forensic information we can analyze, but press reports indicate that outages between 4 and 9 November that were initially attributed to solar flares were actually due to Russian-sponsored attacks.

International Business Times reports that:

Swedish authorities traced the source of the attack to an Advanced Persistent Threat (APT) group that has previously been linked to the Russian military intelligence agency, Spetsnaz GRU. Although Sweden is not part of Nato, it was so concerned that it sent urgent messages warning neighbouring countries that are Nato allies about the ongoing cyberattacks.

 

We believe this reporting is valid for two reasons:

  1. No one in the Swedish government is denying the reports or burning the source in any way.
  2. The reporters covering this story and the outlets they represent are generally known to do good work and have reported reasonably accurately in the past.

 

Our assessment: Now that this attack vector has been proven successful, and now that it has occurred with no consequences to the attacker, we can expect more attacks like this in the future.

For more reporting on cyber threats, sign up for the daily Threat Brief.



Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publisher of CTOvision.com.