By the end of July, Garmin’s online services for aviation and other markets had been restored after what the company acknowledged was a “cyber attack that encrypted some of our systems on July 23, 2020.” Although the company has not provided details at this writing, the outage was widely suspected to be a “ransomware” attack, in which hackers gain access to a networked system and encrypt its data, rendering the system unusable. In a ransomware attack, the perpetrators typically seek some kind of payment in exchange for decryption.
According to our online sister publication AVweb.com, “The data outage spread across nearly all of Garmin’s consumer markets, stopping the flow of data between Garmin devices and its cloud storage network. This included flyGarmin and its website, plus the Garmin Pilot app. That in turn shut down flight planning on Garmin’s platform, halted nav data downloads and locked out electronic logbook data.” The cyber attack reportedly disabled even Garmin’s telephone system as avionics technicians reported they were unable to contact the company’s support personnel.
By afternoon on July 27 in the U.S., the company’s web site said, “Aviation services are fully operational. We are currently experiencing a higher than normal call volume, but our call centers are fully capable at this time. We are working to address all calls as quickly as possible and apologize for any inconvenience.”
In a press release issued the same day, Garmin said, “We have no indication that any customer data, including payment information from Garmin Pay™, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services.”
Importantly, at no point during the cyber attack or since has there been any evidence the hackers manipulated navigation data. The company’s online services include navigation data updates for its industry-leading avionics.
CESSNA, PIPER WING ADs REMAIN UNSETTLED
Recent proposed and finalized FAA airworthiness directives (ADs) targeting the wing spars installed in popular models from both Cessna and Piper continue to evolve, according to AOPA. Both ADs followed catastrophic failures of wing spars, resulting in loss of the aircraft involved and fatalities.
The original Piper AD targeted the PA-28 and early fixed-gear PA-32 types encompassing some 20,000 airplanes in the U.S. fleet. The Piper AD arose from the April 4, 2018, separation of the left wing from a flight school-operated Piper PA–28R-201 the NTSB attributed to “metal-fatigue cracking associated with flight training maneuvers and frequent landing cycles,” the association said.
Since the AD was originally proposed in 2018, the list of affected aircraft has been reduced by approximately 8800, although retractable-gear versions of the PA-32 were added at the same time. Also, “[t]he updated AD proposal would no longer allow replacing a wing spar with a used part. Another new provision would replace a procedure mandated for an eddy-current inspection with the procedure set forth in a Piper service bulletin that was issued after the AD was proposed,” AOPA said.
“AOPA remains concerned that the proposed July 20, 2020 applicability change still includes certain models that are not representative of the accident aircraft that precipitated this AD,” wrote Christopher Cooper, AOPA’s director of regulatory affairs, pointing out that PA–28-151 and PA–28-181 models that remain subject to the AD “have similar characteristics in both airframe and horsepower” to other models that were removed.
The Cessna AD, meanwhile, affects some 1500 early-model 210 airplanes (210G, T210G, 210H, T210H, 210J, T210J, 210K, T210K, 210L, T210L, 210M, and T210M) and stems from a wing separation in Australia. That accident was traced to cracking initiated by corrosion in the spar carrythrough. The Cessna 210 AD went into effect in March 2020 and the FAA now has developed a Special Airworthiness Information Bulletin (SAIB AIR-20-10) to advise owners and operators of four alternative methods of compliance (AMOCs) and respond to frequently asked questions associated with the AD.
The four AMOCs on the Cessna 210 AD were developed by Textron Aviation, Cessna’s parent company, and address coatings to be applied after inspections, clarify eddy-current inspection applicability to the carry-thru spar lower cap and extend the compliance time to September 9, 2020, or 20 hours time-in-service (TIS) after March 9, 2020, whichever occurs first. According to the SAIB, the compliance extension was based on “difficulty meeting the 60 day compliance time due to factors associated with the COVID-19 virus.”
The FAA’s SAIB on 210 models also notes, “Replacement spars are not currently available from Textron Aviation Inc. Textron Aviation Inc. no longer produces the current spar design, but they are working to develop a new spar design. The FAA does not have a date on when these parts may be available. The FAA does not know of any third parties currently producing spars for these airplanes. Replacement spars may be available from salvage,” but must be inspected per the AD.
Garmin Aviation’s status-reporting page in early August presented graphical information on its major online services, including flight planning, its data connection to the FAA and its flyGarmin.com aviation portal, among others. At right, the graphic depicts the systems’ status for the preceding 90 days. Outages and slowdowns for the period are depicted by the red and yellow hashmarks, respectively.