Home » Cyber-warfare » Malware Potentially Implicated in 2008 Fatal Plane Crash in Spain

Malware Potentially Implicated in 2008 Fatal Plane Crash in Spain

By Kevin Coleman
Defense Tech Cyber Warfare Analyst

Investigators looking into the crash of Spanair Flight 5022 at Madrid International Airport on August 20, 2008, killing 154, found that the airline’s central computer system used to monitor technical problems in its fleet was infected with malware, according to this news report. The central computer system should have warned the airline that Flight 5022, an MD-82 aircraft, was having repeat mechanical problems.

The plane’s onboard computer that should have alerted the crew by an audible alarm that the flaps and slats were retracted — NOT in the proper position for takeoff — failed to do so, multiple times. The U.S. National Transportation Safety Board preliminary investigation found that no audible alarm had been heard.

“The accident on take-off happened after pilots had abandoned an earlier take-off attempt and a day after two other reported problems on board. If the airlines’ central computer was working properly a take-off after three warnings would not have been allowed, thereby averting the tragedy.”

There are so many unanswered questions about this incident and what it will mean for transportation safety in general and specifically how it will impact the airlines industry.

Share |

{ 15 comments… read them below or add one }

Kevin August 23, 2010 at 10:48 am

I just learned that the Judge conducting the investigation has summoned COMPUTER EXPERTS and ordered the company to make data about the computer system available and the Judge expects the final report to be completed by December of this year.


BozoJoe August 23, 2010 at 11:30 am

To be clear, is this article implying that the aircraft's computer had malware or the maintenance ground software had malware, or both?


Kevin August 23, 2010 at 1:06 pm

The Central computer on the ground running maintenance. BUT they just started to look at ALL the computers. via my earlier comment.

I just learned that the Judge conducting the investigation has summoned COMPUTER EXPERTS and ordered the company to make data about the computer system available and the Judge expects the final report to be completed by December of this year.


TrustButVerify August 23, 2010 at 11:52 am

Feh. "Malware may have been a contributory cause of a fatal Spanair crash that killed 154 people two years ago." per the source article; methinks someone is going for the better headline, rather than the more accurate one. I'm more interested in the mechanic who okay'd the airframe for flight.


blight August 23, 2010 at 12:08 pm

It suggests that onboard diagnostic systems might give you a "green light" that thorough testing of each component by ground crew does not.


Steve August 23, 2010 at 12:42 pm

The article incorrectly lists the date as "August 20, 1988" rather than "August 20, 2008."


Kevin August 23, 2010 at 1:10 pm

At this point there are many more questions then there are answers. I can't wait and see the report due this December. How could the redundant onboard system both miss the flaps not being in the proper position and sound the alarm. As it was stated before - BOTH computers would have had to failed to detect the flaps incorrect position. Really Really interesting problem set.


Ian James August 23, 2010 at 1:20 pm

They shouldn't be downloading porn before doing maintenance checks


Thunder350 August 23, 2010 at 4:59 pm

If malware can do this… imagine what a country's cyber army can do to the USA who has absolutely no cyber defense (that works) or have the backbone enough to retaliate both in and out of cyberspace. The pentagon gets hacked how many times a day for the past couple of years just for us to sit around, talk about the issue and do nothing?


LEP August 23, 2010 at 5:41 pm

According to certain information this Spanair MD-82 stopped its first departure attempt and returned close to the terminal because of an overheating indication in its ram air temperature probe. The technicians inspecting the aircraft pulled a circuit breaker to isolate this fault. It is THEORIZED that this circuit breaker was not returned to its proper position and that it neutralized the aircraft's take off warning system (TOWS). The TOWS would have provided audio warning that the aircraft's flaps and slats were not in the optimal position for take off and no such aural warning was sounded. The aircraft, filled to capacity with fuel and passengers for a flight to the Canary Islands, attempted a take off with an incorrect flaps-slats configuration and entered a stall that led to the activation of the stick shaker stall warning at a small altitude from the runway. The aircraft fell back on the runway, veered off it, and crashed down a ravine close to the end of the runway where it suffered a catastrophic fire. A similar take off stall had caused a Northwest Airlines DC-9 accident at the Detroit Airport in the more distant past.


Kevin August 24, 2010 at 2:45 pm

The redundant systems design criteria prohibits the primary and secondary systems to be on the same circuit breaker. In addition - I talked to a commercial pilot and he walked me thru the takeoff process. For this to have happened 5 or 6 controls would have had to fail. When you factor in the redundancy, that means 10 - to - 12 control failures.

Statistically/Probability speaking - you have a better chance being struck by lightning!


LEP August 24, 2010 at 4:40 pm

A very good point. But, please recall the Turkish Airlines (Turk Hava Yollari - THY) accident at Shiphol Airport, Amsterdam, Netherlands, in 2009, where a faulty altimeter was feeding erroneous information to the THY Boeing 737-800's autothrottles that the aircraft - supposedly - had "already landed" during a critical landing approach phase. The autothrottles applied reduced power, the crew did not react timely and in a coordinated fashion, and the aircraft stalled and crashed in a muddy but fortunately soft field with no post-crash fire and only six (6) fatalities.


Kevin August 24, 2010 at 5:02 pm

Why what you described is a totally different problem set.


LEP August 23, 2010 at 5:45 pm


The investigating Spanish judge has asked the technicians who checked the crashed Spanair MD-82 aircraft after the first aborted departure attempt to provide statements. Apparently, criminal liability attaches after such aircraft accidents in Spain as it happens in other European countries as well.


Colt August 23, 2010 at 9:47 pm

Well, I hope they get to truth of the matter. Considering interconnected so many computer systems are, perhaps it will get the industries who are involved with this sort of equipment to put better or physical safeguards to prevent Malware from invading such critical systems.


Leave a Comment

Previous post:

Next post: