Remember all those jokes we used to make about how if air travel
was like the computer industry, tickets would cost 49 cents but the
planes would crash every 15 minutes? They're not funny anymore.
I don't normally get freaked out over a news story, but when I
heard that
a Trojan Horse has been implicated in the 2008 crash of SpanAir
flight 5022 that killed 154 people, I was thown for a major
loop.
Apparently, an internal SpanAir investigation has revealed that one
of the airline's central computer monitoring systems was infected
with a Trojan and failed to detect three technical problems on the
doomed flight. Knowledge of those problems should have stopped the
plane from attempting takeoff.
I just don't know how to deal with this. It's one thing for viruses
to shut down my PC or recruit it into a spamming botnet. I don't
like it, but it's hardly life-threatening. It's also one thing for
keyloggers to steal my passwords and empty my bank accounts. I'm
not happy about that threat either, but I might conceivably be able
to get my money back from the bank. And at least I'd still be alive
with the chance to earn more.
But crashing a plane full of people. That's something else
again.
Now, it's still too early to know if the malware infection was a
deliberate attack on SpanAir, or just tragic bad luck. According to
The Register:
A mechanic who checked the plane
before take-off and an airport maintenance chief are under
investigation and face possible manslaughter charges. Investigating
judge Juan David Perez has ordered SpanAir to supply data on the
state of its systems at the time of the crash. An investigation
commission is due to report on the case by December.
Either way, though, this not only changes the way I feel about air
travel -- much less safe -- but also the way I feel about malware.
If there's even a shred of truth in this story, malware is no
longer a harmless game, or a victimless crime, or even a
white-collar crime. It's mass murder.
The stakes have been raised, suddenly and permanently. Computer
experts are already saying this kind of thing is bound to happen
again, and there's no reason not to believe them.
After all, the Pentagon has just confirmed that China is sponsoring
private hacking in clandestine cyber attacks. So far, those seem to
be aimed at stealing corporate secrets, but it's now clear that
there's no telling what the fallout -- intentional or not -- will
be from these efforts.
Let's hope that SpanAir Flight 5022 is wakeup call for a real,
concerted effort to fight malware. In the meantime, I'm still
freaked out.