Could a hacker take over a plane?

Last updated 14:02 08/08/2014

Relevant offers


Sichuan Airlines to become next Chinese airline to serve New Zealand Classic Fighters Omaka crosses fingers for flying conditions after event cancellation Dark Skies tourism project investigated in Southland Auckland Council frees up 29 new overnight spots for freedom camping Qantas' new Dreamliners will come without window shutters 'Crazed' man in Hawaii rams airport doors, dies after struggle with police Dubai police reprimand skyscraper model Wings Over Wairarapa festival cancelled due to bad weather Westport wasteland transformed by volunteers into beautiful river trail Qantas offers streaming services Foxtel, Netflix and Spotify on domestic flights for free

This article originally appeared on Mashable.

Gone are the days of mile-high airplane hijackings carried out with guns or knifes. In the future all a hijacker or a terrorist might need is a computer or a smartphone - and some good hacker skills.

Ruben Santamarta, a security researcher at IOActive, showed a packed room at the Black Hat security conference in Las Vegas on Thursday how several types of satellite communications equipment used in airplanes all over the world can be hacked.

Taking advantage of "critical" holes in these devices, an attacker could tamper with the plane's satellite communications, he said, interfering with its navigation and safety systems.

And all they'd need is to be on a plane's WiFi and in-flight entertainment system.

"That doesn't mean we can crash an aircraft," Santamarta said during a press conference ahead of his talk. But he did say a hack like this could lead to dangerous situations, like a scenario in which a pilot is fed fake data from the ground.

Santamarta's findings might be hard to replicate in the real world.

They were done in a lab, reverse engineering the firmware of the devices. But they do show that manufacturers selling equipment commonly deployed in airplanes have left gaping holes in their hardware.

"The fact is that those vulnerabilities are there, so maybe it's possible, maybe not," Santamarta said. "But it's something that should be fixed."

Other experts agreed. "The type of vulnerabilities he discovered are pretty scary just because they involve very basic security things that vendors should already be aware of," Vincenzo Iozzo, a member of Black Hat's review board, told Reuters, which first reported on Santamarta's research.

The manufacturers of the devices, however, all dismissed the research, saying the risks are "minimal" or "small" or that the hackers would need physical access to the device to carry out the exploit.

IOActive already published a white paper on this topic in April, but Santamarta disclosed new technical details at his talk on Thursday.

Ad Feedback

Security researchers have been looking into airplane systems' security for some time. Last year, Hugo Teso showed how a hacker could exploit a protocol used to transmit data to commercial airplanes from the ground with an Android phone, potentially giving the hacker the ability to take over the plane, via a malicious radio signal.

As with Santamarta's research, Teso's was also done only at an experimental level. It was dismissed as unlikely to work by European and American aviation authorities.

Also at Black Hat in 2012, another researcher showed he could make nonexistent planes appear on the screen of air traffic controllers, perhaps scaring real planes into trying to avoid them.

This hack took advantage of a vulnerability in the next-generation air traffic control system, the Automatic Dependent Surveillance-Broadcast (ADS-B).


Special offers

Featured Promotions

Sponsored Content