Hackers are targeting airlines as never before, and this could affect your next flight. That’s the conclusion of a troubling new study of airline IT outages by Netscout, a provider of application and network performance management products.
Attacks against passenger air travel increased by more than 15,000% between 2017 and 2018, according to Netscout’s research.
That’s no decimal point error. 15,000%.
Why? Airlines are easier targets.
“Cybercriminals have traditionally concentrated attacks on internet service providers, telecoms, and cable operators,” says Hardik Modi, Netscout’s senior director for threat intelligence. “While those categories still represent prime targets, they are now relatively well protected”. Subsequently, cybercriminals are now targeting the enterprise market, including passenger air travel, with real venom.
Sungard Availability Services, a provider of IT production and recovery services, tracks the major airline IT outage incidents. It shows that their numbers steadily increasing.
Last year, the domestic airline industry had 10 major outages, the most since 2015, according to Sungard. It’s unknown what role, if any, cyberattacks played in these outages.
The trend appears to be accelerating in 2019. Southwest Airlines suffered a computer outage on Friday that temporarily grounded flights across the country. The airline said it suspended operations for about 50 minutes to ensure the performance of software systems that had been upgraded overnight. The airline also had a smaller outage in January that affected flights to and from Baltimore-Washington International Airport.
In January, 27 Alaska Airlines flights were delayed after the airline suffered a power outage in Seattle.
The incidents trigger an avalanche of consumer complaints to my nonprofit advocacy organization.
What’s going on with airline IT outages?
What’s happening? Distributed denial of service (DDoS) attacks are to blame for some of the outages, according to Netscout. DDoS attacks disrupt services of a host connected to the Internet. You can see some of these attacks in real time on a service like Downdetector.com (here’s Southwest Airlines and here’s Alaska Airlines.)
“Disruptions to air travel are felt immediately,” explains Modi. “We’re all used to seeing images of grounded flights on the evening news, while delayed passengers make their frustrations known over social media channels.”
But not all of the attacks directly affect passengers. Netscout’s analysis also reveals a spike in attacks which passengers might not notice, with volumes reaching levels not seen since 2016.
“Our analysis also indicated that the size of attacks grew at an alarming rate during 2018,” Modi adds. “The maximum attack size recorded last year reached a staggering 245 Gbps (billions of bits per second, a measure of internet bandwidth). When comparing this to the maximum attack sizes recorded in 2016, which reached 124 Gbps, you begin to understand the increasing severity of these attacks.”
In other words, the flight disruptions you’re feeling are only a small part of a much bigger problem that are keeping airline IT workers busy this year. Data trends point to even more outages in the coming weeks, which also happen to be among the busiest for air travel.
How to prevent hackers from ruining your next flight
Airline IT outages can affect your next flight, as I pointed out in my Washington Post column last year.
No one knows when the next IT outage will happen, but there are steps you can take to protect yourself from the worst effects.
Consider travel insurance. The major carriers offer coverage for flight disruptions, which include any information-systems problems that cause delays or force an airline to cancel flights. Cast a broad net when you’re researching coverage. A company like Etherisc allows you buy insurance up to 24 hours before your flight, track it in real time and receive an instant payout if your flight is delayed or canceled. There’s no formal claims process. I have an annual travel insurance policy through Allianz Travel Insurance that covers flight disruption.
Choose your airline carefully. Carriers that have been through multiple mergers are most likely to suffer an IT outage, due to the merged patchwork of systems, components and staffing. All of the major legacy airlines, plus Southwest Airlines, have recently completed mergers. Some are aggressively upgrading their aging IT equipment, which has led to a few hiccups.
Schedule your flight early and book it as a nonstop. Many IT outages happen in the afternoon or evening, as server loads spike. Passengers on early-morning flights aren’t affected. And flying nonstop lessens the chance that you’ll be stuck somewhere on a connection.
Know your rights. If you’re flying in the United States, your rights are outlined in the contract of carriage, the legal agreement between you and the airline. It’s a dense and often difficult-to-understand contract, but it contains several provisions that promise an airline will offer meal vouchers, phone cards and overnight hotel accommodations during a service disruption. While there’s no requirement that an airline must rebook you on a different carrier (known as endorsing the ticket), airlines are known to consider doing that on a case-by-case basis.
Could this be the year of the airline IT outage? Perhaps. Even if the first two months of the year are a fluke, you need to know the extent of the problem — and the fixes.