Could malware crash a plane?

On Aug. 20, 2008, Spanair Flight 5022 crashed shortly after takeoff from Barajas airport in Madrid, killing 154 of the 172 passengers.

Investigators have been studying the case for the past two years and have made a shocking discovery.

Early reports suggested that malware — those malicious programs your computer picks up from the Internet — might have been a contributing factor in the plane’s crash. And while this may have been the case, a large misconception has surfaced online.

While many people assumed that the malware was in the plane’s computer, the actual computer affected by the malicious software was on the ground, and was used to monitor technical errors in the plane.

The early theory was that the ground system was infected with malware and was unable to send an alert notifying workers of technical faults. Causing the plane to takeoff with the flaps retracted, an error the computer should have been able to detect.

Meanwhile, private investigators have concluded more recently that the crash was due to human error and had little to do with the malware on the computer system.

Since then, Spanair has been ordered to provide all of their data logs from the day before and after the crash. A final report is set to be released in December.

Even though this likely wasn’t a malware attack, history has shown us that malware can be used to attack public and even military systems.

In the fall of 2008, the United States Department of Defense was battling a worm that infected their networking and computer systems. This worm forced them to ban the use of all portable hardware that enabled data transfer. reported, “The Defense Department’s geeks are spooked by a rapidly spreading worm crawling across their networks. So they’ve suspended the use of so-called thumb drives, CDs, flash media cards and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.”

The ban came from the commander of U.S. Strategic Command and was a massive inconvenience for military officers working in the field, where data storage was limited and the use of removable USB drives had been widespread.