Could a hacker take over a plane?

Last updated 14:02 08/08/2014

Relevant offers


Great Barrier Reef coral bleaching: How tourists can help save the reef Crabs invade Cuba's Bay of Pigs Travel after a breakup: How travelling can help you get over it Egypt's tourism officials insist popular sites are safe Mystery burger is sole menu item on North Korean airline Ready for take-off? China's answer to Boeing now just needs to sell Block Island: The US island that wants to keep out Uber Kenny G's impromptu concert on an airplane for charity Uber plans to test flying taxis in Dallas and Dubai by 2020 Direct flights from Perth to London to go on sale

This article originally appeared on Mashable.

Gone are the days of mile-high airplane hijackings carried out with guns or knifes. In the future all a hijacker or a terrorist might need is a computer or a smartphone - and some good hacker skills.

Ruben Santamarta, a security researcher at IOActive, showed a packed room at the Black Hat security conference in Las Vegas on Thursday how several types of satellite communications equipment used in airplanes all over the world can be hacked.

Taking advantage of "critical" holes in these devices, an attacker could tamper with the plane's satellite communications, he said, interfering with its navigation and safety systems.

And all they'd need is to be on a plane's WiFi and in-flight entertainment system.

"That doesn't mean we can crash an aircraft," Santamarta said during a press conference ahead of his talk. But he did say a hack like this could lead to dangerous situations, like a scenario in which a pilot is fed fake data from the ground.

Santamarta's findings might be hard to replicate in the real world.

They were done in a lab, reverse engineering the firmware of the devices. But they do show that manufacturers selling equipment commonly deployed in airplanes have left gaping holes in their hardware.

"The fact is that those vulnerabilities are there, so maybe it's possible, maybe not," Santamarta said. "But it's something that should be fixed."

Other experts agreed. "The type of vulnerabilities he discovered are pretty scary just because they involve very basic security things that vendors should already be aware of," Vincenzo Iozzo, a member of Black Hat's review board, told Reuters, which first reported on Santamarta's research.

The manufacturers of the devices, however, all dismissed the research, saying the risks are "minimal" or "small" or that the hackers would need physical access to the device to carry out the exploit.

IOActive already published a white paper on this topic in April, but Santamarta disclosed new technical details at his talk on Thursday.

Ad Feedback

Security researchers have been looking into airplane systems' security for some time. Last year, Hugo Teso showed how a hacker could exploit a protocol used to transmit data to commercial airplanes from the ground with an Android phone, potentially giving the hacker the ability to take over the plane, via a malicious radio signal.

As with Santamarta's research, Teso's was also done only at an experimental level. It was dismissed as unlikely to work by European and American aviation authorities.

Also at Black Hat in 2012, another researcher showed he could make nonexistent planes appear on the screen of air traffic controllers, perhaps scaring real planes into trying to avoid them.

This hack took advantage of a vulnerability in the next-generation air traffic control system, the Automatic Dependent Surveillance-Broadcast (ADS-B).


Special offers

Featured Promotions

Sponsored Content