The Montreal-based International Civil Aviation Organization (ICAO) for months concealed a hack of its computers and allowed malware to spread throughout the airline industry, Canada’s public broadcaster reported on Wednesday.
The UN agency in November 2016 been was the victim of the “most serious cyberattack in its history,” Radio-Canada said.
Internal documents obtained by the broadcaster suggested a flawed response to the attack — believed to have been launched by a Chinese hacker group — mired in delays, obstruction and negligence, and attempts by staff to hide their incompetence.
Lockheed Martin was the first to raise concerns, alerting the ICAO that its servers had been hijacked to spread malware to government and airline computers.
In an e-mail to the ICAO, the Lockheed Martin cyberintelligence analyst described the attack as “a significant threat to the aviation industry.”
It had the characteristics of a “watering hole attack” that targets visitors to a Web site, the analyst said.
The agency is responsible for setting international civil aviation standards, including for safety and security.
The ICAO information technology team reached out to a New York-based information-technology agency affiliated with the UN to analyze the attack, but then rejected its expertise — not bothering to respond to e-mails for several days or transmitting unusable data.
It would take two weeks before an analysis revealed that the intrusion was actually an even bigger problem.
E-mail server, domain administrator and system administrator accounts were affected, giving hackers access to the passwords of more than 2,000 ICAO users to read, send or delete e-mails.
Within 30 minutes of the attack, at least one member state’s Web site, Turkey, had been infected, but the ICAO tech head continued to downplay its seriousness.
An independent investigation in 2017 would conclude that the malicious software used in the attack had been identified by ICAO anti-virus software a year earlier, but that the computers had still not been disinfected.
The ICAO said that the Radio-Canada report contained “many erroneous interpretations and conclusions,” and the gravity of the malware found on its servers “has been greatly exaggerated.”
“We’re not aware of any serious cybersecurity ramifications for external partners which resulted from this incident,” it said.
“And as a standards-setting body, with no operational role or mandate in aviation, the inference that our data security could pose risks to the combined aviation and aerospace sectors, or the general public, is grossly inaccurate,” it said.
It has made “robust improvements to its cybersecurity posture and approaches to mitigate further incidents,” the agency said.
In Ottawa, Canadian Minister of Transport Marc Garneau called the revelations “worrying” and vowed to discuss them with ICAO Secretary-General Fang Liu (柳芳).
Republican US lawmakers on Friday criticized US President Joe Biden’s administration after sanctioned Chinese telecoms equipment giant Huawei unveiled a laptop this week powered by an Intel artificial intelligence (AI) chip. The US placed Huawei on a trade restriction list in 2019 for contravening Iran sanctions, part of a broader effort to hobble Beijing’s technological advances. Placement on the list means the company’s suppliers have to seek a special, difficult-to-obtain license before shipping to it. One such license, issued by then-US president Donald Trump’s administration, has allowed Intel to ship central processors to Huawei for use in laptops since 2020. China hardliners
Conjoined twins Lori and George Schappell, who pursued separate careers, interests and relationships during lives that defied medical expectations, died this month in Pennsylvania, funeral home officials said. They were 62. The twins, listed by Guinness World Records as the oldest living conjoined twins, died on April 7 at the Hospital of the University of Pennsylvania, obituaries posted by Leibensperger Funeral Homes of Hamburg said. The cause of death was not detailed. “When we were born, the doctors didn’t think we’d make 30, but we proved them wrong,” Lori said in an interview when they turned 50, the Philadelphia Inquirer reported. The
RAMPAGE: A Palestinian man was left dead after dozens of Israeli settlers searching for a missing 14-year-old boy stormed a village in the Israeli-occupied West Bank US President Joe Biden on Friday said he expected Iran to attack Israel “sooner, rather than later” and warned Tehran not to proceed. Asked by reporters about his message to Iran, Biden simply said: “Don’t,” underscoring Washington’s commitment to defend Israel. “We are devoted to the defense of Israel. We will support Israel. We will help defend Israel and Iran will not succeed,” he said. Biden said he would not divulge secure information, but said his expectation was that an attack could come “sooner, rather than later.” Israel braced on Friday for an attack by Iran or its proxies as warnings grew of
IN PURSUIT: Israel’s defense minister said the revenge attacks by Israeli settlers would make it difficult for security forces to find those responsible for the 14-year-old’s death Israeli Prime Minister Benjamin Netanyahu on Saturday condemned the “heinous murder” of an Israeli teenager in the occupied West Bank as attacks on Palestinian villages intensified following news of his death. After Benjamin Achimeir, 14, was reported missing near Ramallah on Friday, hundreds of Jewish settlers backed by Israeli forces raided nearby Palestinian villages, torching vehicles and homes, leaving at least one villager dead and dozens wounded. The attacks escalated in several villages on Saturday after Achimeir’s body was found near the Malachi Hashalom outpost. Agence France-Presse correspondents saw smoke rising from burned houses and fields. Mayor Amin Abu Alyah, of the