Researcher shows how to hack (and crash) a passenger aircraft with an Android phone...
If you're nervous about flying, this won't allay your fears about hopping on a plane, so you might want to look away now. The Hack In The Box security conference taking place in Amsterdam this week has thrown up some interesting talks - but none so concerning as 'Aircraft Hacking: Practical Aero Series' by Hugo Teso.
Teso works as a security consultant at n.runs in Germany, and his Aircraft Hacking talk promised a practical demonstration of how to remotely attack and take full control of an aircraft. His talk was the product of three years of developing code and tinkering with second-hand flight system software and hardware. It comes a fortnight after the Federal Aviation Administration (FAA) have expressed hopes that they will be able to relax rules for reading devices during take-off and landing - and with this research, they may want to reconsider their position.
The results of Teso's hard work are terrifying. Firstly, the Automated Dependent Surveillance-Broadcast (ADS-B), which is a surveillance technology for tracking aircraft, has no security. The United States government will require all aircraft to be equipped with ADS-B by the year 2020 - however, the system has been proven to be unencrypted and unauthenticated. Teso's presentation stated that the attacks on this system "range from passive attacks (eavesdropping) to active attacks (message jamming, replaying, injection)".
Secondly, the Aircraft Communications Addressing and Reporting System (ACARS) - which is used for exchanging messages between aircraft and stations via radio or satellite - also has no security. Teso pointed out that anyone with a little knowledge can read and send ACARS messages - and it may be as simple as purchasing some hardware from eBay.
Using a lab of virtual planes based on real aircraft codes, Teso gave a practical demonstration of how to use ACARS to upload Flight Management System (FMS) data. Once in, he was able to manipulate the steering of a Boeing jet in 'autopilot' mode, and said he could make oxygen masks drop down, and even cause the plane to crash by setting it on a collision course with another plane.
Teso explained to Forbes: "ACARS has no security at all. The plane has no means to know if the messages it receives are valid or not. So they accept them, and you can use them to upload data to the plane that triggers these vulnerabilities. And then it's game over."
The hijack was all carried out using Teso's code, SIMON, and a specially-made Android app called PlaneSploit (fortunately, it's not available for the masses) which enable the user to: change the plane's course; crash the plane; set lights flashing in the cockpit; activate something when the plane is in a certain area.
As well as ACARS and ADS-B having serious security failings, Teso also pointed out that lots of aircraft computers run outdated software which don't meet modern safety requirements.
Teso told Forbes: "You can use this system to modify approximately everything related to the navigation of the plane. That includes a lot of nasty things."
Although this makes for uncomfortable reading for those of us who love to jet off on holidays, rest assured that the Federal Aviation Administration and the European Aviation Safety Administration have been informed and are working to patch up these security flaws.
Life & Style blogs
Android One handsets launch in India: £65 apiece with cricket scores baked in
Jennifer Lawrence nude pictures leaked: Reddit removes 'The Fappening' board dedicated to sharing naked pictures of celebrities
A bottle of wine a day is not bad for you and abstaining is worse than drinking, scientist claims
Vogue under fire for 'Big Booty' article
Vogue's 'Big Booty' stars
Daniele Watts: Django Unchained actress detained by Los Angeles police after being mistaken for a prostitute
The political class is doing what Hitler couldn’t – destroying Britain
Scottish independence: Nationalist leader Jim Sillars threatens pro-union companies with 'day of reckoning' after independence
Scottish independence: Yes campaign feels the heat as Alex Salmond's NHS claims come under furious attack
£23m Birmingham cycle scheme is attacked by Tory councillor for not catering to the elderly
Salmond accused of laughing off national debt with ‘what are they going to do: invade?’ joke
- 1 Scottish independence: Ireland since 1919 is a lesson for Scotland in what a Yes vote means
- 2 Thailand deaths: Pair's bloodied bodies found naked on Koh Tao beach
- 3 Lego breaks out of the toy box and heads for the gallery
- 4 Julian Assange and Edward Snowden join piracy mogul Kim Dotcom’s political campaign in New Zealand
- 5 Daniele Watts: Django Unchained actress detained by Los Angeles police after being mistaken for a prostitute
iJobs Gadgets & Tech
£45000 Per Annum: Clearwater People Solutions Ltd: Our client based in Chelmsf...
£25000 - £30000 Per Annum: Clearwater People Solutions Ltd: Our client are cur...
£40000 - £45000 Per Annum + benefits: Clearwater People Solutions Ltd: Project...
£350 - £425 Per Day: Clearwater People Solutions Ltd: Project Manager - 3 mont...