Mystery British Airways IT Failure

Uploaded on 2017-06-02 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The IT shutdown that led to chaos for British Airways was caused by an “uncontrolled return of power” following an outage that physically damaged servers at its data centre, the airline has said.

Experts have questioned British Airways’ claim that this weekend’s catastrophic IT failure was down to a “power surge”, as the company’s chief executive has claimed.

The airline industry is notorious for running outdated infrastructure long after standards have improved. In December, for instance, it was revealed that passenger booking systems used by multiple airlines were easy prey for hackers.

About 75,000 passengers were affected as BA flights were cancelled following the incident on Saturday 27th May morning. The carrier was unable to resume a full schedule until Tuesday 30th and many passengers are still without their luggage.

BA was accused of greed after the GMB union said the issue could have been prevented if the airline had not cut the jobs of “hundreds of dedicated and loyal” IT staff and contracted the work to India last year.

The cause of the initial power outage and the subsequent surge has not yet been revealed. “There was a loss of power to the UK data centre which was compounded by the uncontrolled return of power which caused a power surge taking out our IT systems. So we know what happened, we just need to find out why,” the airline said in a statement.

“It was not an IT failure and had nothing to do with outsourcing of IT, it was an electrical power supply which was interrupted.

“We are undertaking an exhaustive investigation to find out the exact circumstances and most importantly ensure that this can never happen again.”

Some experts predict BA could face a bill of over £100m in compensation costs.

The airline said it will “comply with all of the relevant EU compensation regulations”, including hotel accommodation, transport to and from hotels, meals and telephone calls.

It has added extra staff to its customer relations department to help process payments.

The airline said all of the delayed bags had been processed at Heathrow and were on their way to customers around the world but admitted “it may take some time to complete the process”.

BA’s parent company, IAG, saw shares initially fall by about 4% in the first day of trading in London after the outage occurred.

On Saturday night, travellers spent the night sleeping on yoga mats spread on terminal floors after BA cancelled all flights leaving Heathrow and Gatwick.

BA’s chief executive, Alex Cruz, said the outsourcing of jobs was not to blame for the “catastrophic” power failure.

Guardian:     Guardian:

You Might Also Read:

UK Airports & Nuclear Power Stations On Cybersecurity Alert:

Flight Ban On Laptops 'sparked by IS threat':

Changing Other People's Flight Bookings Is Just Too Easy:

 

 

« Algorithms: An Unseen Influence On The UK Election
WannaCry Outbreak Is Just A Tip Of An Iceberg »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Yubico

Yubico

Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.

National Cyber Security Centre (CNCS) - Portugal

National Cyber Security Centre (CNCS) - Portugal

CNCS is the operational coordinator and Portuguese national authority in cybersecurity working with State entities, and digital service providers

Industrial Cyber-Physical Systems Center (iCyPhy)

Industrial Cyber-Physical Systems Center (iCyPhy)

The goal of iCyPhy is to conduct pre-competitive research on architectures and design, modeling, and analysis techniques for cyber-physical systems.

Cellopoint

Cellopoint

Cellopoint is a leading manufacturer of information security and email lifecycle management (ELM) products.

Dreamlab Technologies

Dreamlab Technologies

Over the last 20 years, Dreamlab Technologies has established itself as a source of constant innovation within the information security landscape.

Cyber Security Education

Cyber Security Education

CybersecurityEducation.org is an online directory of cyber security education and careers.

Envieta

Envieta

Envieta is a leader in cryptographic solutions. From server to sensor, we design and implement powerful security into new or existing infrastructure.

INE

INE

INE is a premier provider of Technical Training for the IT industry.

Coveware

Coveware

Coveware helps businesses remediate ransomware. We help companies recover after files have been encrypted, and our analytic, monitoring and alerting tools help companies prevent ransomware incidents.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

BlueHalo

BlueHalo

BlueHalo is purpose-built to provide industry capabilities in the domains of Space Superiority and Directed Energy, Missile Defense and C4ISR, and Cyber and Intelligence.

Gradient Cyber

Gradient Cyber

Gradient Cyber offer mid-market organizations enterprise-grade threat detection and response services at a fraction of the cost of an in-house SOC.

J.S. Held

J.S. Held

J.S. Held is a global consulting firm providing technical, scientific, and financial expertise across all assets and value at risk.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.