Monday, 30 July 2012

ARINC’s CUPPS Was Bugged By Its Employee Claims CBI

Aeronautical Radio Incorporated (ARINC) of India has been managing the check-in counters, transfers counters and boarding gates at the IGI by using the Common Use Passengers Processing System (CUPPS). About a year ago, the CUPPS was infected with a malware and it caused great annoyance to the passengers.

The central bureau of investigation (CBI) was called in to investigate the issue. Now after a year CBI has come out with the cause and reason for the abnormal use of CUPPS. According to CBI, a disgruntled employee of Delhi airport’s service provider company was responsible for disrupting the check-in, boarding and baggage handling systems at Terminal 3.

It is claimed that the accused planted a malicious script ‘kill.cmd’ at the servers. The accused worked with ARINC as the system personnel. He was dissatisfied with his employment growth and wanted to prove his caliber to the company. He was expecting that by disrupting the system the company would call him to seek his services.  

The initial investigation focused on the insider’s involvement as the system required multiple access with administrator rights. Planting of the malware in such scenario was difficult except for an insider. Further, the system was accessed multiple times from remote locations in Bangalore. Let us see how this case would proceed further.