PL Risk Blog

FAA Bug reveals the dangers of Legacy Systems

Written by Drew Smith | Jan 18, 2023 4:54:57 PM

 

On Wednesday, January 11th, the FAA issued a nationwide ground stoppage, the first of its kind since the 9/11 attacks. The cause was a corrupted file in a very important system, which revealed how the vulnerabilities of aging computer systems can bring one of the world’s biggest airspaces to a standstill. Legacy systems aren’t limited to the FAA; the problem is endemic in many businesses.

The system that ground US airspace to a halt is called NOTAM, or the Notice to Air Missions system. NOTAM, originally called NOTA, or Notice to Airmen, is a system of reports developed in 1947 that allows information to be passed to pilots around the country. This information includes ground stops, weather data and even government reports. Notices were originally phoned in, but now they can reach almost every pilot within a few minutes thanks to the internet. These reports help pilots and even air traffic control determine where they can fly and how they can fly around weather. (1)

Late on the night of Tuesday the 10th, a corrupted file was discovered in the programming, which is going on 30 years old, and the backups were initiated. When the backups failed, the FAA ordered US airspace to shut down out of an abundance of caution. All flights were to be grounded, and all flights in the air were warned. For several hours, flights were unable to get in or out as the FAA worked through the day to get the system going again. But the damage is done: the FAA is being investigated by the Department of Transportation over this debacle.

The NOTAM issue was the result of a problem common to many businesses: legacy systems. Companies like Apple, Windows and Samsung regularly issue updates and create new operating systems for their products. Over time the older products become outdated and eventually support for them stops, in most cases on a date known well in advance. These systems then become obsolete, or there is nobody left who knows how to fix them, as newer operating systems require different skill sets than the older ones. (2)

The problem is that many systems are built around the older systems, and their owners refuse to upgrade to newer ones, fearing a complete loss of their servers and data. As a result, the systems aren’t getting updated with the latest patches, which creates a massive vulnerability and liability. One of the more well-known breaches of a legacy system was the Deutsche Bahn train hack. During the WannaCry cyberattack in 2017, Deutsche Bahn was one of the highest-profile hits, along with the UK’s National Health Service. Their breach was the result of running on Windows 7 or even older systems. In the US, much older infrastructure runs on legacy systems, and its operators have not had the patience or funds to upgrade despite the breaches all over the world.

What happened with NOTAM was disruptive, costly and possibly an indicator of things to come. While evidence suggests it was a bad file that caused this disruption, hackers know how to get into these systems. Upgrading and removing legacy systems is a good first step in improving your cyber security profile.