Could a hacker take over a plane?

Last updated 14:02 08/08/2014

Relevant offers


The six things that make for a happy nation Free WiFi and meditation as airlines grapple with laptop ban Plans to introduce light rail from Auckland Airport to city centre confirmed Packing hacks for the plus-size traveller Singapore Airlines announces additional flights to and from Christchurch GPS device to prevent false Everest claims by climbers Once the queen of the skies, the Boeing 747 will soon be just a flying truck Coastal Pacific Trail a step closer after Government promises cyclists will be considered in SH1 rebuild Of bread and wine: Auckland and Wellington among the world's most expensive cities What it's like to be a space tourist: get ready to feel awful

This article originally appeared on Mashable.

Gone are the days of mile-high airplane hijackings carried out with guns or knifes. In the future all a hijacker or a terrorist might need is a computer or a smartphone - and some good hacker skills.

Ruben Santamarta, a security researcher at IOActive, showed a packed room at the Black Hat security conference in Las Vegas on Thursday how several types of satellite communications equipment used in airplanes all over the world can be hacked.

Taking advantage of "critical" holes in these devices, an attacker could tamper with the plane's satellite communications, he said, interfering with its navigation and safety systems.

And all they'd need is to be on a plane's WiFi and in-flight entertainment system.

"That doesn't mean we can crash an aircraft," Santamarta said during a press conference ahead of his talk. But he did say a hack like this could lead to dangerous situations, like a scenario in which a pilot is fed fake data from the ground.

Santamarta's findings might be hard to replicate in the real world.

They were done in a lab, reverse engineering the firmware of the devices. But they do show that manufacturers selling equipment commonly deployed in airplanes have left gaping holes in their hardware.

"The fact is that those vulnerabilities are there, so maybe it's possible, maybe not," Santamarta said. "But it's something that should be fixed."

Other experts agreed. "The type of vulnerabilities he discovered are pretty scary just because they involve very basic security things that vendors should already be aware of," Vincenzo Iozzo, a member of Black Hat's review board, told Reuters, which first reported on Santamarta's research.

The manufacturers of the devices, however, all dismissed the research, saying the risks are "minimal" or "small" or that the hackers would need physical access to the device to carry out the exploit.

IOActive already published a white paper on this topic in April, but Santamarta disclosed new technical details at his talk on Thursday.

Ad Feedback

Security researchers have been looking into airplane systems' security for some time. Last year, Hugo Teso showed how a hacker could exploit a protocol used to transmit data to commercial airplanes from the ground with an Android phone, potentially giving the hacker the ability to take over the plane, via a malicious radio signal.

As with Santamarta's research, Teso's was also done only at an experimental level. It was dismissed as unlikely to work by European and American aviation authorities.

Also at Black Hat in 2012, another researcher showed he could make nonexistent planes appear on the screen of air traffic controllers, perhaps scaring real planes into trying to avoid them.

This hack took advantage of a vulnerability in the next-generation air traffic control system, the Automatic Dependent Surveillance-Broadcast (ADS-B).


Special offers

Featured Promotions

Sponsored Content