Investigating the FAA Outage: Separating Fact from Fiction

Share this
Investigating the FAA Outage: Separating Fact from Fiction - SKIT

On January 11th, the Federal Aviation Administration (FAA) experienced a nationwide outage that caused widespread delays and cancellations for flights across the United States. The outage was caused by a problem with the FAA’s NOTAM (Notice To Air Mission) system.

NOTAMs are messages issued by the FAA to provide pilots with important information about flight restrictions, hazards, and other critical information. The NOTAM system is a critical component of the FAA’s air traffic control infrastructure, and the outage caused a ripple effect throughout the entire aviation system. Flights were grounded or delayed at airports across the country, and many pilots were unable to file flight plans or receive important information about the airspace they were flying in.

The FAA initially reported that the outage was caused by a problem with the system’s hardware, but later confirmed that it was due to a software issue. The FAA’s technical teams worked quickly to resolve the problem, but it still took several hours for the system to be fully restored.

While the FAA was able to restore the system relatively quickly, the impact of the outage was still felt for several days. Many flights were cancelled or delayed, and passengers faced long lines and wait times at airports. The FAA also issued a ground stop for flights headed to certain airports, which prevented flights from taking off until the NOTAM system was back online.

The Noise – Was This a Cyberattack?

Was this a cyberattack? - SKIT

Almost immediately, social media was flooded with theories of a potential cyberattacks, parallels to recent events like the water treatment plant and potential cover-ups.  It is natural for our minds to immediately jump to conclusions, especially when it comes to major events that disrupt our daily lives. However, when it comes to cyberattacks, it is important to not immediately assume that a major event is related to a cyberattack without proper investigation and evidence.

First and foremost, cyberattacks can often be difficult to detect and understand, and it may take time to determine the true cause of an event. Jumping to conclusions without all the facts can lead to misinformation and false accusations, which can cause further harm and damage.

Additionally, assuming that a major event is related to a cyberattack can also lead to a lack of focus on other potential causes. For example, a power outage could be caused by a cyberattack, but it could also be caused by a natural disaster or a mechanical failure. By not considering all potential causes, important information and potential solutions may be overlooked.

My Take

As previously mentioned, the core issue was identified a software issues or more specifically a corrupted file which appears to have persisted in backup copies, according to a report by CNN.  It has yet to be determined if this was intentional or accidental, as the incident response team (IRT) is still in the infancy of its investigation. The United States government at the time of this post has indicated that they do not believe this was a cyber-related event.

It is important to note that corrupted files can happen for a variety of reasons. Hardware failure, such as a malfunctioning hard drive or memory chip, can cause data to become corrupt or inaccessible. Human error, like accidentally deleting a file or saving over a file without a backup, can also lead to corrupted files. 

Malware, like viruses and ransomware, can corrupt files by altering or encrypting the data, making it difficult to recover. Software bugs can also cause corruption, where a program encounters an error and is unable to save the file correctly. Power outages can also cause files to become corrupt if the computer is not properly shut down.   

By all accounts, it is likely feasible that the last two may have been the culprit, but we need to remain patient until more details emerge.  It goes without saying that it is not enough to just have backups, but to ensure they are regularly tested.

Lessons Learned

This outage highlights the importance of the FAA’s air traffic control system and the critical role it plays in the safe and efficient operation of flights in the United States. It also serves as a reminder that even the most advanced technology can experience unexpected problems and that it’s important to have tested backup systems in place to minimize the impact of such issues.

Equally important, we should approach major events with a level-headed and methodical approach, and to not rush to conclusions without proper investigation and evidence. Gathering all the facts and considering all potential causes can ensure that the true cause of an event is identified and that the appropriate actions are taken to mitigate any damage and prevent future incidents.

A good data backup strategy should be in place, and to have software and tools to detect, diagnose and recover from corrupted files. Regular software updates, rollback procedures and malware scans can also help to prevent and mitigate large impact to critical operations.

Overall, the FAA’s ability to restore the system relatively quickly is commendable, but it’s important to remember that the outage caused significant disruptions for many travelers and the aviation industry as a whole. The FAA should strive to avoid such situations in the future and make sure that necessary measures are in place to minimize the impact of any future outages.


To support this blog, this post may contain affiliate links. Please read our Privacy Policy for more information.
Drawing on over two decades of experience in the Information Technology industry, I have acquired a diverse range of roles that have shaped my distinctive outlook. Through this journey, I have developed into an accomplished authority in risk management, catering to Fortune 500 companies and small businesses on a global scale. Over the past 12 years, my primary focus has centered on empowering small business owners and insurance professionals to comprehend the ramifications of cyber incidents and effectively mitigate the risks associated with potential data breaches. My passion for cybersecurity has inspired me to create the Sage Knows IT blog. Through this platform, I aim to help small business owners and aspiring IT professionals understand the roadmap of the IT industry based on my experiences. Information Technology and Information Security are crucial for our future, and I hope my blog will motivate those who are interested in joining this ever-evolving field.

Related Posts

Maximizing Email Security: Understanding the Importance of DKIM, SPF, and DMARC

Email is a crucial part of our daily lives, but unfortunately, it’s also a popular target for cybercriminals who use various tactics like spam, phishing, and spoofing to scam people. The FTC recently issued a warning to users of MetaMask and PayPal about phishing scams that are currently circulating through fake emails. The scam claims that the user’s cryptocurrency wallet has been blocked and encourages them to click a link and update their wallet to prevent the loss of their crypto. To protect email users from these threats, authentication protocols like DKIM, SPF, and DMARC are strongly recommended.

Top 10 Cybersecurity Job Sites

Top 10 Job Sites for Cybersecurity Professionals

As the world continues to rely heavily on technology, the demand for cybersecurity professionals continues to grow. Cybersecurity jobs offer high salaries, job security, and a wide range of career options. However, finding the right job can be challenging.

Creating Your Wireless Workspace in 2023

As more and more of us work remotely or from home, having a wireless workspace has become increasingly important. Not only does it allow for greater flexibility and mobility, but it can also help declutter your desk and make your work environment more efficient.

Failing Exams: How to Turn Failure into an Opportunity for Growth

One of the most valuable lessons I have learned is that failing an exam is not the end of the world. In fact, it can be a crucial step in the learning process. When we fail, it forces us to take a step back and assess what went wrong.

What Is Symmetric Encryption? [VIDEO]

Symmetric Encryption is an algorithm that uses the same secret key to both encrypt and decrypt plaintext into ciphertext….

Sage Knows IT: The Future Risks of Smart Contracts

The Future Risks of Smart Contracts

In its simplest form, Smart Contracts are programmable logic (or code) that exists on a blockchain.  It is commonly used to define terms or agreements among parties such as ownership, rights, payment options or business logic.