Sunday, August 28, 2022

Aircraft Inflatable Lap Belts Hacked in TWA Incident

A Transportation World Airlines aircraft that was forced to return to Los Angeles International Airport yesterday, when all the passenger inflatable lap belts simultaneously inflated as the aircraft crossed over the coast, was the victim of a cyberattack. “We have been notified by GeschütztesDF, a notorious German hacker, that she was responsible for the activation of the lap belts,” John Frye, spokesperson for TWA, told reporters; “She has demanded that a ransom payment be paid to Stasi Ehemalige to avoid having future flights similarly attacked.”

Johnathan Quest, the spokesperson for the Federal Bureau of Inquiry, confirmed that Kate Libby, the hacker known as GeschütztesDF, was recently released from federal custody when a second federal trial on airline hacking charges based upon her part in the earlier WannaFly attacks resulted in a second hung jury. “She was released in New York just a little over a week ago and dropped out of sight within two hours of her release.”

Kate Libby (not related) from Dragonfire Cyber reported that they were working with the FBI and the ECS-CERT on the investigation of the attack. “This morning our technicians found a vulnerability in the wireless test function of the electronics module of the lap belt system that allowed a specially crafted wireless signal to command inflate the lap belts,” Libby told reporters at a CI-SOC news conference this afternoon; “We have not confirmed that this vulnerability was exploited in the attack, but it is certainly an issue that needs to be addressed.”

Robotron Aero is working with Dragonfire to identify and fix the source of the vulnerability that was exploited in the attack. “Our technical staff is working on a fix for the vulnerability identified by Dragonfire,” Fritz Schmenkel, the Robotron manager for Aero division, said, “And we continue to look for other potential routes for yesterday’s attack.”

“Pending a solution to this problem, TWA is taking all seats that use the inflatable lap belts out of commercial service,” Frye told reporters this morning, “Fortunately, they are only currently being used in side facing seats in First Class on most of our aircraft, so we are not having to cancel any flights.”

Oscar Holmes, spokesperson for the Federal Airline Administration, reported that the agency has issued a safety advisory on the potential problem with the Robotron Aero lap belts. “We have told all airlines using the Robotron inflatable lap belts to stop allowing passengers in seats equipped with those lap belts. Replacements from other vendors that have been type certified for side facing seats can be used for up to 30 days without aircraft specific certification.” The FAA is continuing to monitor the investigation.

CAUTIONARY NOTE: This is a future news story –

Tuesday, August 16, 2022

Ransomware Attack Hits Satellite Comms

Vostok Satellite Company reports that communications services provided by their Vostok 1 satellite have been interrupted by a ransomware attack. “Our mobile satellite service has been interrupted by a new ransomware variant called SatWurm,” Valentina Tereshkova, spokesperson for Vostok Satellite, explained, “The satellite appears to be fully functional, but the transmission targeting controls are not allowing outgoing traffic to reach their intended recipient.”

The Brooklyn based company recently began offering mobile satellite service via their new software-defined satellite service. The satellite is able to use lower powered transmissions because the transmitter is more narrowly focused and targeted at the receiver’s location. Vostok 1 was launched on April 12th, 2021.

Vostok Satellite announced that they are currently negotiating with the SatWurm controllers to return control of the satellite system. The unnamed attacker is reportedly asking 10 Bitcoin ($239,315) for removing the malware.

General Turgidson, Director of the National Critical Infrastructure Security Operations Center (CI-SOC), confirmed that they were working with Vostok Satellite. “We do not recommend that victims pay ransoms, but I understand why someone might take that approach to return their systems to full control,” Turgidson explained.

A technician with CI-SOC who is not authorized to talk to the press told me that the investigation as to how the attack gained control of the system would not be able to make much headway until they were able to access the control logs on the satellite. “The Vostok targeting controls are based upon information sent to the satellite by the customer ground stations,” she explained, “We suspect that the attack was initiated through those channels.”

CAUTIONARY NOTE: This is a future news story –

Monday, August 8, 2022

Chlorine Evacuations Another False Alarm

Yesterday’s evacuation of Depatman Doubs outside of Le Sel, LA was the result of alarms in the neighborhood and along the fence line at the nearby ChlorAlk plant reporting a large chlorine gas release. As with the radiation alerts last week in Georgia, the alert and evacuation were based upon false information provided by the detectors, according to Sueur Hargreaves-Bird, spokesperson for ChlorAlk. “We know that we did not have even a small release of chlorine yesterday at the facility, so the alarms must have gone off in error,” Ms Hargreaves-Bird told reporters.

Kurt E Sabersky, a community organizer in Depatman Doubs, objected to the comparison with the nuclear facility incident. “There is nothing in Doubs worth stealing, so this was not a grand criminal conspiracy like that seen in Georgia,” Sabersky explained. “Doubs is a working-class neighborhood filled with 2nd and 3rd generation salt miners.” He has no idea why someone would have decided to attack this system.

Kurt reminded reporters that the sensors and alarms responsible for yesterday’s evacuation were the result of a 2015 chlorine release at the ChlorAlk plant that injured hundreds of Doubs residents and killed 13. “The court ordered ChlorAlk to install the network of sensors and alarms, as well as fund the quarterly evacuation drills to improve the emergency response capability of the neighborhood,” Sabersky explained.

The evacuations yesterday proceeded smoothly, with residents wearing their escape respirators and block captains with full-face respirators supervising the operations. “The evacuation was conducted in a professional manner, as you would expect with the number of neighborhood drills that have been conducted,” Sheriff Justice told reporters, “My deputies had to do little more than provide traffic direction to keep outsiders off the evacuation route.”

The National Critical Infrastructure Security Operations Center (CI-SOC) and the Federal Bureau of Inquiry are cooperating on the investigation of the incident. “Since the sensor and alarm network was mandated by a Federal Judge and overseen by the Federal Emergency Grant Administration (FEGA), the apparent attack on the system falls under federal jurisdiction,” explained Johnathan Quest, FBI spokesperson.

General Buck Turgidson, CI-SOC Director, told reporters via a video link that it does not appear that this incident was related to last week’s hack in Georgia. “Two entirely different types of sensor and monitoring platforms were used by the two systems,” Turgidson said.

A technician working with Dragonfire Cyber, who is not authorized to speak to the press, told me that the sensors in yesterday’s incident did not appear to have been the source of access to the system. “All of the sensor logs show typical background chlorine readings for the facility and neighborhood,” she said, “Investigators are now looking at the monitoring station that controls the alarm network.”

CAUTIONARY NOTE: This is a future news story –

Wednesday, August 3, 2022

Nuclear False Alarm Was Cyberattack

The National Critical Infrastructure Security Operations Center (CI-SOC) confirmed this morning that yesterday’s nuclear evacuation alert was the result of a remote cyberattack on the nuclear radiation monitoring system near the Delano Nuclear Power Station. “While the attacker has taken efforts to hide their tracks,” General Buck Turgidson told reporters this morning, “We have detected clear evidence that the sensors were compromised and directed to produce the high gamma radiation warnings that were the direct cause of yesterday’s evacuation order for Delano, GA.”

Turgidson explained that the CI-SOC was working closely with the Nuclear Power Generation Council to determine exactly how the NRMS were hacked and how to fix the underlying vulnerability in those sensors. “The US Army has deployed radiological monitoring teams in the Delano area to provide temporary background radiation coverage while we are working to remove the vulnerabilities from the installed system.”

S. James Butts, Delano Police Chief, in a separate news conference this morning discussed the looting that took place in the downtown business district during yesterday’s evacuation. He described some unorganized looting at two small grocery stores and one gun shop. “No weapons were taken, but most of the ammunition on display in the store walked out the front door,” Butts explained.

Butts went on to explain that the Delano Police Department had requested assistance from the Federal Bureau of Inquiry in investigating what appeared to be organized assaults on four jewelry stores. Everything in the display cases was removed at each store and safes were opened in three of the four stores. Video security systems showed that each store was hit by masked, three-person teams. Butts told reporters that: “The initial estimate of losses from the three stores is over a half-million dollars.”

Johnathan Quest, spokesperson for the FBI, confirmed that the agency was investigating the break-ins in Delano, GA. “Jewelry store robberies are not typically high on the FBI’s crime list, but since it appears that these robberies are tied into the cyberattack on the radiation monitoring system, a federally regulated system, the FBI certainly feels that it has jurisdiction over robberies.”

Mayor Arrington Carter told reporters this morning that she was disappointed with the way that the radiation warning system worked yesterday. Acknowledging that the system is an important safety measure that protects local citizens from potential accidental radiation releases from DNPS, she said: “Given their importance, the NRMS should not have been able to trigger an automatic radiation evacuation absent any indications of an actual release at DNPS. I will be working with the DNPS management team and the Energy Security Agency to see that this problem does not happen again.”

CAUTIONARY NOTE: This is a future news story –

Tuesday, August 2, 2022

Radiation Evacuations Ordered – False Alarm

The National Automated Alert System’s announcement of a radiation emergency around Delano Nuclear Plant this morning has been confirmed to be a false alarm, according to Gammon Frappu, NAAS spokesperson. The NAAS alert caused confusion and alarm at about 10:30 this morning when the Nuclear Radiation Monitors (NRMs) between the Plant and Delano, GA indicated a large gamma radiation release.

The Delano Nuclear Plant confirms reports that there have been no process upsets at the plant and none of the local radiation monitors have reported any out-of-band releases at the facility. “Our facility continues to operate safely, within all legal and safety constraints,” GT Seaborg, facility spokesperson, told reporters this afternoon.

Delano Mayor Arrington Carter told the assembled reporters that her office has been in direct communication with DNP, NAAS and the Georgia Department of Homeland Security. “All agencies of the State and Federal government currently agree that this morning’s alert was a false alarm,” Arrington explained, “I have asked the Governor to ensure that a complete investigation is quickly done to determine the cause of today’s alert.”

A technician with DNP who is not authorized to talk to reporters told me that the NRMs used by NAAS are connected to the NAAS network by cell phone connections. cYbrg0D, an anonymous cybersecurity researcher, confirms that similar NRMs were recently hacked in Spain. She did not know if the ones actually in use in Georgia are the same model as those hacked in Spain.

S. James Butts, Delano Police Chief, confirmed that there was some looting this morning in the downtown business district. “All of our officers were working evacuation missions, so we had no one working in the area,” Butts explained, “I am very proud of how well our folks implemented the radiation response evacuation plan. We will investigate the looting and arrest the perpetrators.”

The mayor confirmed that the response from other city agencies was not as effectively done. “Once the dust settles, we will go back and relook at the response plan and how it was implemented this morning,” she said, “My main concern right now is finding out how this false alarm happened in the first place and how to prevent it from reoccurring. We do not need to cry wolf over a potentially very real problem.”

CAUTIONARY NOTE: This is a future news story –