When over-reliance on technology backfires. A few days ago it became known that due to a serious technical failure in the computer and communication systems (ICT – Information and Communication Technology) that support the operation of British airspace management, serious delays were expected in flights to all airports in Great Britain ( including Scotland).
Essentially the existing and fully digital air traffic management system, which allows for the safe management of the high volume of flights, has been put out of business. In order to deal with the current situation, and under the risk of completely “closing” the airspace, the competent National Air Traffic Service (NATS: National Air Traffic Controllers) has switched to a backup system, which however does not provide the corresponding automations, as a result of which it is required to reduce the volume of flights, so as not to disturb the security levels.
Why is this important? Disregarding the provisions of international law which do not concern this article, we briefly mention that a country can undertake the obligation under ICAO – International Civil Aviation Organization, to manage a specific section of airspace (airspace) even if this section includes international airspace, the well-known FIR (Flight Information Region). For example, the Federal Aviation Administration (FAA) of the USA provides air traffic control services and flight information both in the continental United States and in the Atlantic and Pacific oceans!
An additional important factor concerns the separation (vertical and horizontal) between two aircraft. Spatial dimensions in Europe are defined by EUROCONTROL and to achieve them requires the existence of a reliable and technologically advanced infrastructure, which offers high levels of automation.
Is it a cyber attack? The information that has been published so far indicates that the cause of the problem is a technical failure in the infrastructure. This technical failure is indeed due to a cyber attack. The timing of the problem – traditionally one of the busiest days in terms of load, as thousands of passengers return from their summer holidays – can be part of a hybrid business campaign. Britain, together with the USA, are the main pillars of support for Ukraine in the war with Russia.
We note that in a recent article-analysis in The Liberal Globe we referred to the part of hybrid war/operations and hybrid threats (“Hybrid Warfare: Why “information dominance” is a critical success factor?” & “The Stages-Phases of the Hybrid War“). Already the opposition in Britain is calling for a “COBR(A) meeting”, as there is already a serious impact inside the country from disgruntled passengers/travellers. Even if the damage is due to a cyberattack, it is quite possible that those responsible will never be identified, as attribution in cyberspace is extremely difficult.

Is it a cybersecurity issue? According to the definition given by NIST, one of the purposes of cyber security is to ensure the integrity, confidentiality, and availability of the information that exists in an information system. It is clear that in this particular case the principle of ensuring availability (availability) has been completely disrupted, the principle of integrity (integrity) partially, while it remains to be proven whether there is also an issue with the confidentiality of the data.
Especially if we’re talking about a cyber-attack and not a technical error, which we note could refer to some planned or unplanned upgrade that wasn’t executed properly, or even a geoproducer/digger that cut a data switching cable!) . In closing, we should mention some findings:
1. The field of application of cyber security (cybersecurity) and information security (information security) is extremely broad and touches points which – at first sight – seem outside the relevant framework. It is therefore extremely important for the smooth operation of any organization (regardless of size, number of staff, etc.) that these specific issues are taken seriously.
2. Any change in a subsystem has the potential to throw the entire mechanism out of balance (and sometimes out of order). As a result, changes should be planned with due care.
3. The internet and cyberspace have created new forms of attacks and threats. They are the “weapon of choice” for various actors to implement tactics at a strategic level.
The company itself through an official announcement [Air Traffic Control system update – NATS] states that the problem is related to data received by the system and which led to the automatic shutdown of the main (and backup) reception and the transition to manual mode of operation , which by definition cannot support the same operational rates.
The company has so far not announced the type, format, purpose or origin of this data (reports of an incorrect, incomplete or incomplete flight plan are not confirmed), as well as why the system chose to stop working ( together with spares) and switch to manual. In the same announcement, the company has committed to making public the data and results of the relevant investigation that has already begun.
Even in the scenario where the problem is due to a cyber-attack (there are many ways in which a malicious user(s) can cause systems to shut down) the fact that a computer system can choose when to shut down to him is extremely problematic in itself. It is noted that in this particular case the backup systems, which are actually installed to allow the continuous and uninterrupted operation of an infrastructure, were also automatically disabled. Let’s imagine that another – hypothetical – system deleted all the data held on it, along with the backups!
We remind you that this specific incident, even if it is not classified as a cyber-attack, falls under the field of cyber-security. In the near future, more and more incidents will have to be treated in this light. The union of man (and by extension the social whole) and technology is becoming more and more complete. So we should ask ourselves if we are ready and to what extent to cope with the challenges unfolding before us.




