New Year’s Day flight snafu: No evidence yet to suggest cyberattack, says CICC

The room which houses the air navigational system of the Civil Aviation Authority of the Philippines has no closed-circuit television.

FILE PHOTO: Passengers queue at Ninoy Aquino International Airport Terminal 3 in Pasay City as they wait to board their flights following the resumption of airport operations on Monday, Jan. 2, 2023. INQUIRER file photo / RICHARD A. REYES

MANILA, Philippines —The Cybercrime Investigation and Coordinating Center (CICC) on Wednesday told the House of Representatives that, for now, no evidence suggests that a cyberattack caused the New Year’s Day flight disruption.

During the hearing of the House Committee on transportation, CICC head and Department of Information and Communications Technology (DICT) Undersecretary Alexander Ramos said that the issue that caused over 300 flights to be canceled, diverted, or delayed was off-grid, not something that could be controlled remotely.

Last January 1, flights in and out of the country were stopped after the Communications, Navigation, and Surveillance Systems for Air Traffic Management (CNS/ATM) by the Civil Aviation Authority of the Philippines (CAAP) malfunctioned.  The problem was traced to the current and standby uninterruptible power supply (UPS) failing to supply power to the system.

“As far as we’re concerned, on the power supply side, it’s an off-grid system, no remote access to that system so cyber attack has not been an issue as far as our investigation is concerned, yet,” Ramos said.

“So that’s on the power line side,” he added.

Committee chairperson and Antipolo 2nd District Rep. Romeo Acop, in response, asked Ramos what he meant by ‘yet’.

“You said ‘yet’, ano ho bang ibig sabihin ng yet?  Ano pang titignan natin?” he asked.

“The total, complete investigation on the CAAP system — malaki ho ‘yong system nila eh — hindi pa ho kumpleto, we are addressing the most critical part, which is the one that is powering up the whole system.  ‘Yan ho ang aming directive to ensure continuity, to ensure quality, to ensure na hindi na gagalaw siya externally.  As far as the operation side, no, we haven’t even finished the assessment on it,” Ramos replied.

Acop inquired further, asking if he is correct in assessing that CICC is not focusing on the possibility of a cyber attack, as what some Senators have feared.

READ: Senators seek thorough probe of Naia fiasco 

Ramos said they could not immediately assess problems with the CAAP’s system because they do not have the tools to do so.  Such a problem, he said, could have been addressed if Congress had given them the funds to buy the tools.

“It is very important, especially that it’s your eyes to the sky, but since, kasi we have a problem also within our DICT […] our budget was cut, actually not cut, rather the budget that was requested for was not given, we’re not even asking for an increase, our capability to do fast-tracking and forward-looking systems or tools, and the capability for us to look cannot be purchased,” Ramos said.

“Well, we don’t have surveillance systems (to d0) cyber threat analysis […] as far as the DICT family is concerned, where asking for the restoration of P400 million,” he added.

Acop asked Ramos if they could even come up with an assessment without the said budget, to which the latter said they can, but it would take some time.

“So, in the absence of that budget, are you saying you cannot come up with a categorical answer if there was a cyberattack?” Acop said.

“It can be said like this: we’re given sticks and stones to war, but we are not backing down, we’re doing it based on capability.  Give us the tools. We can ride on something faster,” Ramos replied.

After outbound flights were grounded, it was initially believed that a power outage rendered the CNS/ATM non-operation.  However, in a late night briefing on the same day, both Transportation Secretary Jaime Bautista and CAAP Director General (ret.) Capt. Manuel Tamayo clarified that a commercial power supply was available.

Instead, the UPS of the CNS/ATM’s main power source and the backup source went down.  Tamayo said that they received a signal that the cooling blower of the UPS conked, which should have switched the power source to the backup — which did not happen.

The CAAP head said they tried to override the power supply by installing an automatic voltage regulator, but instead of getting the recommended 220 volts, the system operated on 380 volts — forcing a shutdown.  The overvoltage, however left some damage on key components, like satellite dishes.

READ: UPS failure caused glitch at CAAP’s Air Traffic Management Center, says DOTr 

READ: Air traffic system glitch diverts all flights in Manila https://newsinfo.inquirer.net/1711223/air-traffic-system-glitch-diverts-all-flights-in-manila

At least 350 flights have been delayed, canceled, or diverted to other regional airports and ports abroad.  This translates to over 66,000 passengers supposed to leave through or arrive at the Ninoy Aquino International Airport (Naia), the country’s primary international gateway, and other main airports.

READ: Air traffic system glitch partially resolved, limited flights to resume — MIAA 

/MUF/abc
Read more...