U.S. official blasts Montreal-based UN aviation agency's handling of cyberattack

The U.S. ambassador to the International Civil Aviation Organization has slammed the UN aviation agency for its handling of a 2016 cyberattack and the coverup that followed.

A CBC investigation found that in November 2016, the Montreal-based organization, known by its acronym ICAO, was hit by the most serious cyberattack in its history.

Internal documents suggested key members of the team who should have prevented the attack instead tried to cover up how badly it was mishandled. ICAO's chief of communication called the CBC's reporting "greatly exaggerated."

In a speech to the International Aviation Club in Washington, D.C., Thomas Carter said following the CBC investigation, members of the ICAO's elected council learned the network had been compromised for "quite some time" and that both member states and contractors had to fend off attacks from malware that came from the ICAO system.

"To put it bluntly, ICAO systems were totally exposed by a foreign state actor, and two completely independent forensic investigations proved this to be true.

"The way the hacks — by the way, not just one, but four — were handled was unacceptable," he said. His remarks were published on the U.S. Department of State website following the event.

"We, as council representatives of our countries, would not have known about the inadequate response to the hacks or the immense harm that they inflicted on ICAO's IT systems without the CBC article."

Carter said when the CBC article was first published, some members of the ICAO secretariat "were more concerned about finding the leaker than giving the council an accurate portrayal of what actually happened."

He said the ICAO council, which comprises 36 member states, is now looking into strengthening the whistleblower protection program.