Malware's role in fatal 2008 air crash

An infection didn't cause the crash but might have kept a maintence system from preventing it

A Spanair flight that crashed two years ago killed 154 people and was Spain's worst air disaster in 25 years. Recent reports have suggested that an infected computer warning system was the reason pilots were not alerted that the plane’s wing slats were not properly positioned for takeoff. That does not appear to be true — Spanair JK 5022 was not brought down by a Trojan.

What might have happened is that an airline maintenance department computer used to track problems reported on aircraft was running slow, possibly because of a malware infection, and mechanics had not entered the latest incident report for that aircraft before the fatal takeoff attempt.

The infection did not cause the crash, but it might be the reason that the aircraft was not flagged for attention, which in turn could have led to the crash. That indirect contribution to a disaster illustrates the importance of keeping even routine back-office information technology systems protected and clean of malicious code so that they can properly support mission-critical operations.

Related stories:

FAA identifies computer error that caused delays

FAA pushing to get advanced technology into air traffic control

The Spanish MD-82 airliner crashed on a takeoff attempt at Madrid’s Barajas Airport Aug. 20, 2008. Although final conclusions have not been issued, initial reports from Spanish authorities and the U.S. National Transportation Safety Board, which assisted in the investigation, indicate that slats on the aircraft’s wings were not in the proper position when the plane began its takeoff — and the crash was mostly because of the crew’s failure to notice that. According to an NTSB report issued in August 2009, there were no audible warnings of the problem in the cockpit because a faulty relay had disabled a takeoff warning system.

The aircraft reportedly had two maintenance problems the day before the crash and had aborted one takeoff because of a faulty sensor immediately before the fatal takeoff attempt. The airline’s maintenance tracking system is supposed to issue an alert when three similar problems occur on an aircraft.

However, according to Spanish news reports, it took about 24 hours for the airline to enter this information. The system also reportedly was running slow, which delayed the entry of the third incident on the day of the crash. The Spanish judge in charge of the investigation has ordered the airline to turn over data related to the computer's condition.

Until the investigation is completed, the ultimate causes of the crash will not be known for sure. But it appears unlikely at this point that malware was involved in the immediate failures that brought down the plane.

However, even if an infected computer was not directly involved, it appears that it could have been the indirect reason for the failure to flag the aircraft for additional attention. There is no indication yet that this maintenance system had been specifically targeted for attack or that an attacker’s intent was to interfere with aircraft operations.

But the incident highlights the importance of properly protecting and maintaining IT systems, even those that are not obviously high-impact systems.

It could be that the lack of an updated antivirus program contributed to the loss of those lives on Spanair JK 5022.

About the Author

William Jackson is a Maryland-based freelance writer.


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.