LOT Polish Airlines was forced to cancel 10 flights scheduled to depart from Warsaw’s Chopin airport on Sunday after hackers attacked its ground computer systems.
The IT attack, which was not described in detail, left the company unable to create flight plans for outbound flights, grounding around 1,400 passengers.
The company said that plane systems were not affected and aircraft that were already in the air were able to continue their flight or to land. The incident only affected the ability of planes to depart from the airport for several hours.
It’s not clear what kind of attack it was and whether it was the hackers’ intention to ground planes or if the systems were taken offline as part of incident response procedures.
LOT Polish Airlines did not immediately respond to a request for more details.
This is not the first time hackers or malware have affected computer systems belonging to airports or airlines, although it’s one of the rare cases where such an attack actually had an impact on flight schedules.
In December, researchers from security firm Cylance documented a cyberespionage campaign dubbed Operation Cleaver that they believed was sponsored by the Iranian government.
The Operation Cleaver hackers compromised computer systems belonging to over 50 organizations from 16 countries, including airlines and airports in the U.S., South Korea, Saudi Arabia and Pakistan. The Cylance researchers said that the group’s access to the victim networks was “ubiquitous” extending to Active Directory domains, Cisco edge routers and switches and internal networking infrastructure.
“This incident demonstrates that while attacking in-flight systems may have made headlines recently, there are many more areas of vulnerability to address in the aviation industry,” said Tim Erlin, director of security and product management at security firm Tripwire. “Like most industries today, aviation relies on a wide variety of interconnected systems, from air traffic control to reservations systems.”