nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Sweden 'secretly blames' hackers – not solar flares – for taking out air traffic control

Cosmic storm, my ass

By John Leyden, 12 Apr 2016

Sweden suspects a hacker group linked to Russian intelligence was responsible for an attack on its air traffic control systems last November, it is claimed.

Air traffic control systems across much of Sweden were unavailable on November 4. Computer problems meant air traffic controllers were unable to use their displays, an issue that prompted the cancellation of multiple domestic and international flights. Arlanda, Landvetter and Bromma airports were particularly affected.

The Swedish Civil Aviation Administration publicly blamed a solar storm. However, behind the scenes the Swedes were notifying NATO about a serious, ongoing cyber attack, Norwegian news outlet aldrimer.no reports.

Sweden is outside NATO, but its warnings last November were reportedly passed onto NATO members in neighboring countries such as Norway and Denmark. The Swedes suspected the hacks were the work of an elite hacking crew linked to the Russian military intelligence service GRU (Main Intelligence Directorate). They were also worried that state-owned power company Vattenfall might come under attack, prompting a warning in that direction too.

"The message was passed on to NATO either by Sweden's National Defence Radio Establishment (Försvarets radioanstalt, FRA) or the Swedish Military Intelligence and Security Service (Militära underrättelse- och säkerhetstjänsten, MUST)," a senior NATO source (who unsurprisingly asked to remain anonymous) told aldrimer.no.

Sweden's air traffic control systems problems reportedly coincided with Russian electronic warfare activity in the Baltic Sea region, which may have included jamming of air traffic communication channels. The signals reportedly emanated from the Russian enclave of Kaliningrad, south of Lithuania.

The US-based Space Weather Prediction Center issued a geomagnetic storm warning for November 2-3, with solar activity on the key day of November 4 expected to be moderate and declining. Hypothetically the Russians might have been using the solar storm as cover to test the country's cyber-warfare capabilities on a live target, sensibly one outside of NATO.

FRA, MUST and NATO all declined substantive comment on the Swedish air traffic control outage when contacted by aldrimer.no. FRA spokesman Fredrik Wallin did, however, acknowledge the common wisdom that such (electronic warfare) attacks are a growing problem.

LFV, Sweden's civil aviation administration, said its investigation into the November problems remains open. It declined to respond to the theory that a cyber attack might have been behind problems with the country's air traffic control system last year. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing