Cart: $0.00 - (0 items )

‘Cyber incident’ affected flight planning

While ForeFlight reported in a November 6 blog post that notam services and chart updates had been restored, the Jeppesen website continued to carry an alert on November 9:

“We are currently experiencing technical issues with some of our products, services and communication channels. We are working to restore functionality as soon as possible. If you need support at this time, please reach out to us at Phone support is not available at this time. This disruption is also impacting the receipt and processing of new NOTAMs and distribution of current NOTAMs. Flight Operators are reminded that the NOTAMs Offices (NoF) / Air Services Navigation Providers (ANSP) for the countries of departure, overflight, and arrival are alternative sources of NOTAMs.”

Boeing purchased Jeppesen for $1.5 billion in 2000, acquiring a storied brand that, at the time, claimed an 80-percent market share in aircraft navigational products.

Boeing released a statement addressing the outages: “Our subsidiary, Jeppesen, experienced a cyber incident affecting certain flight planning products and services. There has been some flight planning disruption, but at this time we have no reason to believe that this incident poses a threat to aircraft or flight safety. We are in communication with customers and regulatory authorities, and working to restore full service as soon as possible.”

Boeing declined to describe the nature of the attack against the computer systems of its subsidiaries, its scope, or when full restoration was expected. Meanwhile, pilots are encouraged to exercise caution to avoid use of out-of-date navigation products for instrument flight.

FAA Advisory Circular 90-100A, which covers U.S. terminal and en route area navigation (RNAV) operations, states, “the onboard navigation data must be current and appropriate for the region of intended operation and must include the navigation aids, waypoints, and relevant coded terminal airspace procedures for the departure, arrival, and alternate airfields.”

Aviation author, pilot, and YouTube personality Rich Pickett of Personal Wings Inc. talked about the outage on his channel and told AOPA, “If you’re VFR, while there can be a safety issue flying with an expired GPS database, it’s not regulatory. For IFR, it is regulatory. The database must be current, or it must be verified by an alternate source, like FAA charts for en route use. For IFR terminal procedures, they must verify that the procedures haven’t changed from the last cycle by cross verifying with FAA charts. If the waypoint data has changed, you cannot use the RNAV approach; if only the altitudes have changed, then it is OK. However, changes in crossing altitudes and minimums may create significant safety issues, especially with autopilot-coupled approaches. In other words, it adds to the pilot workload and impacts safety.”

AOPA Pilot Information Staff have fielded inquiries or reports of unavailable services from members, though AOPA has not been able to learn more details about the nature of the “cyber incident,” or when services would be fully restored.

Cyber security remains an ongoing concern across aviation, ranging from nuisance incidents such as the denial-of-service attack that took several airport websites offline in October, to ransomware attacks targeting airlines. The European Organization for the Safety of Air Navigation reported in 2021 that cyber “attacks are up in all threat categories,” amounting to a 530 percent year-over-year increase.

Write a Reply or Comment:

Back to top