This came in from SANS NewsBites Vol. 12 Num 67 : Did a computer
virus cause the 150 deaths in the Spanair crash?
--Judge to Examine Evidence on Malware in Spanair Fatal Air
Crash Case
(August 20 & 23, 2010)
A Spanish judge will investigate whether or not malware on a Spanair
computer system had anything to do with the system's failure to raise
alerts prior to a 2008 airplane crash that killed 154 of 172
people on
board. The official cause of the crash was pilot error; the
pilots were
found to have failed to extend the airplane's take-off flaps and slats.
However, the investigation also found that a warning system
failed to
alert the pilots that the flaps and slats had not extended and
had also
failed to do so on two previous occasions. Each failure should have
been logged into Spanair's maintenance system, which was found
to be
infected with malware. Three failures would have triggered an alarm
that would have kept the airplane grounded until the problem was fixed.
The judge has called for Spanair to release computer logs for
the days
before and after the crash. The malware infection appears to have
spread through a flash drive.
Internet Storm Center: http://isc.sans.edu/diary.html?storyid=9433
http://www.securecomputing.net.au/News/229633,trojans-linked-to-spanish-air-crash.aspx
http://www.informationweek.com/news/security/management/showArticle.jhtml?articleID=226900089
http://content.usatoday.com/communities/technologylive/post/2010/08/infected-usb-thumb-drive-implicated-in-deadly-2008-spanair-jetliner-crash/1?loc=interstitialskip
http://www.theregister.co.uk/2010/08/20/spanair_malware/
http://www.msnbc.msn.com/id/38790670/ns/technology_and_science-security/
http://news.cnet.com/8301-1009_3-20014237-83.html?tag=mncol;title
[Editor's Note (Schultz): This is a potentially very significant turn
of events. If the loss of 172 lives can be traced to the
presence of
malware, corporate executives and government officials are
likely to
take security risk management much more seriously than they generally
now do.]
OBLegal: Please feel free to share this with interested parties
via email, but
no posting is allowed on web sites. For a free subscription,
(and for
free posters) or to update a current subscription, visit
http://portal.sans.org/
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | gets() remains as a monument | Periwinkle
(408)356-8506 | to C's continuing support of | 16345
Englewood Ave
www.pwpconsult.com | buffer overruns. | Los Gatos,
CA 95032
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com