During railway construction work, a fiber optic bundle from Telekom is severed – with serious consequences. Lufthansa operations have been paralyzed for hours. That’s how vulnerable the critical infrastructure is.

After the failure of Lufthansa’s IT systems on Wednesday morning, wild rumors immediately began to circulate online as to what could be the cause. Has the airline been attacked by hackers with ransomware? Have Russian cyber warriors launched an attack against the German flagship company? Or did the Lufthansa experts themselves paralyze their own systems through operating errors? After all, that was exactly what happened to the US Air Traffic Control Authority FAA just a few weeks ago.

It soon turned out that it was neither a cyber attack nor a self-inflicted IT breakdown. The mistake made by a construction worker at an S-Bahn construction site in Frankfurt caused the communication disruption. An important fiber optic line belonging to Deutsche Telekom was severed with a concrete drill. This then led to the failure of Lufthansa’s computer systems at the most important air traffic hub in Germany.

Replacement line initially saved Lufthansa

The incident is reminiscent of the sabotage attack on Deutsche Bahn in October. At that time, there were numerous train cancellations in northern Germany because two important lines for internal rail communication in Herne and Berlin were deliberately cut. But there is one important difference: in the attack on the railway, the attackers targeted not only the main line but also the backup connection at the same time. Lufthansa, on the other hand, still had a functioning replacement line after the mishap at the construction site on Tuesday evening. However, the backup could no longer cope with the usual rush-hour load on Wednesday morning.

“Even minor disruptions can have major effects in a digitized world,” says Rüdiger Trost, an expert at the IT security company Withsecure. “It is all the more important to double and triple secure nodes in IT. It’s about building resilience, i.e. greater resilience.” Alternative solutions are developed for various failure scenarios. “These are tested regularly, but for cost reasons they are often smaller than the main system. Even on cars, the spare tire is not always of the same quality as the normal tire.”

Reliable backups difficult to implement

Against this background, the independent Kritis working group is committed to security measures that are intended to prevent an isolated malfunction from leading to a total failure – also because it is simply impossible to monitor critical infrastructure across the board. After the act of sabotage against the railway in October, the working group’s spokesman, Michael Wiesner, demanded that operations continue to function even if several cables were cut.

In practice, however, a 100% functioning backup is extremely difficult to implement, says specialist journalist Dusan Zivadinovic. The operation of a network in a large company like Lufthansa is a complex task because connections have to be set up not only for surfing the web or sending and receiving e-mails, but above all for the secure operation of servers. “Even if you deal with it every day as a professional, the devil is in the details.”

It is not enough to direct traffic to a replacement line. “If desired, this can even be done fully automatically. But there are complicated network configurations involved,” says the editor-in-chief of the trade journal “c’t”. In addition to many other things, the alternative routes to the Lufthansa servers must also be communicated to the locations distributed around the world. “It’s not just Lufthansa and its telecommunications service providers that are involved in this so-called re-routing.” Every network operator in the world has to play along. “We are dealing with a scenario that is difficult to practice.”

Better flow of information required

The network failure at Lufthansa does not mean a meltdown, however, because the disruption was eliminated after a few hours, as Zivadinovic says. “Like all Internet users, the airline has to live with the fact that no network operator in the world can guarantee 100% availability of Internet connections. You have to expect that a main line will fail.”

Since backup solutions do not always work as intended, experts are also calling for measures to at least avoid, as far as possible, unintentional disruptions caused during civil engineering work. The Federal Association for the Protection of Critical Infrastructures is working to ensure that the exchange of information between planning authorities, civil engineering companies and operators of data lines is improved so that an excavator does not bring an entire airport to a standstill again.