Is it likely that all the airline computer failures are cyberattacks?

I am NOT a conspiracy theorist at all, but there sure have been a lot of airline computer failures over the past year or so causing flight delays and cancellations . Is it at all likely that these are the results of cyber attacks? Or, are airlines relying on old and unstable technology and too cheap to update their IT systems?

I thought about putting this in GQ, but I doubt there’s a factual answer. I know we’ve got quite a few tech types on the SDMB and maybe they can provide some insight.

It is this one. Airlines are in the business of flying passengers and cargo around, not IT so it isn’t surprising that they are pretty bad at it. Major airlines are also very large with lots of ever moving and changing parts plus lots of legacy baggage that extends to every single job and procedure. Replacing systems like that is much more expensive than people think.

I consult for legacy systems and some newer CRM and ERP systems. Implementing them correctly can take many years and very literally cost hundreds of millions to billions of dollars. Even the largest companies have a hard time affording that especially the airlines that frequently claim a loss. The will have to do it at some point but it will probably take a combination of getting to the crisis point combined with a clearly superior solution for them.

It is really hard to do when they are also concerned about mergers and newer startups at the same time because that would be like setting all their profits on fire (if there are any at all).

Old joke:

How do you make a small fortune in aviation?

Start with a large fortune and work your way down.

In all seriousness, I consult for one of the most famous and profitable companies in the world and they need a comprehensive systems overall badly and planned to do it until they got the estimate (it was in the many billions). It had to be called off because nobody can justify that much especially when they have shareholders. It is a problem that affects many different types of industries and other entities like city, state and federal government agencies (it is common to find systems from the 70’s or 80’s still in essential use in the latter).

That is why startups can be so disruptive. They can start with the latest and greatest solutions and don’t have to deal with all of the legacy baggage.

No. It is not likely that airline computer systems never fail except as the result of cyber-attacks. As a matter fact it is extraordinarily unlikely.

Not a tech-type, but I’ve seen some of the DOS-based interfaces that crew use for a major US airline. It’s nothing but (metaphorical) duct tape and dust, all the way down. It’s a wonder they manage as well as they do.

Yes, there are old, legacy systems. Yes, it is also possible that at least some of the outages at some point have been cyber attacks to test capabilities. A brief check online reveals a fair amount of speculation on this. I didn’t read through enough to confirm or deny. As a long time worker in the tech security space, I will say that it’s more than possible. (Again, I would expect to see that as a confirmation of capabilities type of action or as a retaliation for some action we took.)

I knew the early history of SABRE, the system IBM developed for American Airlines back in the 50s. At the time people were astonished at the cost and time involved.

IBM eventually moved on to something called PARS which is built on TPF.

Check the side panel for that Wikipedia link. First released in 1979. Last release 2005.

PARS has been replaced by many airlines in recent years, but it’s still used, esp. overseas.

But at least they were using the latest dot matrix printers at the gates during our trip last summer!

Looks like this BA one can be traced back to outsourcing.

Here’s a blog entry by a senior tech executive for Amazon that talks about an ATC outage. http://perspectives.mvdirona.com/2014/05/air-traffic-control-system-failure-complex-system-testing/. No malware / cyberwarfare in sight here.

This guy manages Amazon’s ginourmous data centers and is a real expert on how large scale systems work. And how they fail. I heartily recommend his blog as an example of smart deep thinking.

Here’s another article of his about the failure Delta Airlines had in (IIRC) 2015: http://perspectives.mvdirona.com/2017/04/at-scale-rare-events-arent-rare/. The punchline is the UPS systems decided to protect *themselves *by powering down the data center rather than protect the *data center *by sending power to it. Which design philosophy is apparently a common defect in large UPS systems. No malware / cyberwarfare in sight here either.

Note the punchline contained in his title: In truly huge operations, rare events happen every damn day.

At one point in my IT career we were providing incident tracking software to the IT department of a Fortune 50 company. That’s big. Real big.

Our software was used to track what’s broken, what’s connected to what, how the repairs are going, who’s watching the problem, who/what/where’s picking up the slack for the inoperative components, etc. They had a dedicated department with 100 employees staffed 24/7/365 whose whole job was to ride herd on their systems and use our tools.

Their motto was simple and one I really liked: “Failures aren’t a crisis; they’re business as usual. Failing to manage a failure is a crisis.”