Slashdot Mirror

← Back to Stories (view on slashdot.org)

Planes Can Be Hacked Via Inflight Wi-fi, Says Researcher

Posted by samzenpus on from the protect-ya-neck dept.

wired_parrot writes In a presentation to be shown Thursday at the Black Hat conference, cybersecurity consultant Ruben Santamarta is expected to outline how planes can be hacked via inflight wi-fi. Representatives of in-flight communication systems confirmed his findings but downplayed the risks, noting that physical access to the hardware would still be needed and only the communication system would be affected.

25 of 151 comments (clear)

  1. yes... by gandhi_2 · · Score: 5, Funny

    ... but only by using Python.

    --
    THL phish sticks
    1. Re:yes... by Anonymous Coward · · Score: 5, Funny

      Get these motherfucking scrips off my motherfucking plane!

    2. Re:yes... by CanHasDIY · · Score: 2

      I like my cash like I like my women:

      Bound in rolls and stuffed into a dufflebag?

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
    3. Re:yes... by Fear+the+Clam · · Score: 2

      I like my cash like I like my women:

      Soiled and devalued?
      On fire to light your cigar?
      New and plastic?
      Given to street musicians and the homeless?

  2. So, which is it? by timrod · · Score: 4, Insightful

    Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

    1. Re:So, which is it? by Anonymous Coward · · Score: 2, Funny

      Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

      It's a bit odd to talk about physical access when speaking about a metal tube flying along at 35,000 feet.

      It's not like attacks are going to take place outside the plane.

    2. Re:So, which is it? by Anonymous Coward · · Score: 4, Funny

      That is what William Shatner thought.

      CAPTCHA: afraid

    3. Re:So, which is it? by Jane+Q.+Public · · Score: 5, Insightful

      Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

      Any airplane manufacturer that is stupid enough to link their passenger wi-fi system to ANYTHING else, deserves to get a few planes stuffed into the ground. Same with auto companies. If true, the whole thing is about as lamebrained as it gets.

    4. Re:So, which is it? by jittles · · Score: 4, Interesting

      Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

      Any airplane manufacturer that is stupid enough to link their passenger wi-fi system to ANYTHING else, deserves to get a few planes stuffed into the ground. Same with auto companies. If true, the whole thing is about as lamebrained as it gets.

      Volkswagen hooks up their audio systems to the CANBUS on cars. Those audio systems may have bluetooth enabled. This may allow a hacker to get onto the CANBUS via BT. I haven't tried, but it's definitely something that one could attempt. Other manufacturers do this also, such as GM and Chevy.

    5. Re:So, which is it? by geekoid · · Score: 4, Insightful

      Yes, hundreds of people 'deserve' to die. It certainly not the person doing the attacks fault at all.
      Idiot.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    6. Re:So, which is it? by Jane+Q.+Public · · Score: 3, Interesting

      Other manufacturers do this also, such as GM and Chevy.

      Yes, that was my understanding as well. And that was my point. It just doesn't look very smart, from where I sit.

      In my view (which I would be happy to review and modify if someone has a better idea), you have 3 basic systems in a modern automobile. In order of importance: [1] critical control and feedback, [2] internal environment, and [3] entertainment.

      [1] and [2] should have strictly limited communication, if any. [2] and [3] should probably have none, and [1] and [3] should not communicate at all under any circumstances.

    7. Re:So, which is it? by NoKaOi · · Score: 2

      "Planes Can Be Hacked" really means "Planes' Satellite Communication System Can be Hacked." That's a huge distinction. A malicious hacker still can't control the plane or it's radio communications, which are the important things. There are good reasons why the FAA is strict rules about airplanes not relying on satellites.

      To give you an idea of the technical prowess of the article: "he discovered the vulnerabilities by "reverse engineering" - or decoding - highly specialized software known as firmware." But it seems the "researcher" is trying to sensationalize things:
      "In theory, a hacker could use a plane's onboard WiFi signal or inflight entertainment system to hack into its avionics equipment, potentially disrupting or modifying satellite communications, which could interfere with the aircraft's navigation and safety systems, Santamarta said."
      Now let's read between the lines. Avionics is any kind of electronics, even the entertainment system, so really no big deal, they can't hack anything important. For the "navigation" systems, he's not talking about GPS (even if he were it wouldn't be a big deal, airplanes can navigate just fine without GPS), but the communication system does send the GPS location, altitude, and speed back home. If that goes down, not a big deal because that's not what air traffic control relies on.

      The worst that could happen is causing a panic by putting porn up on a flight to Disneyland and reporting back an altitude and speed of zero, which I'm sure would prompt a quick call to someone with air traffic control info who would say everything is fine. It would also prompt a lawsuit from the parents of small children for subjecting them to porn, but that would be made up for by ticket sales from college students wanting to fly that airline for their spring break vacation.

    8. Re:So, which is it? by boaworm · · Score: 2

      The pilot can use these data link communication channels to make his/her life easier. As an example, when asking for a new flight level clearance, they can (given up2date Flight Management System computers) dispatch a digital message to ATC (Air Traffic Control) rather than using the radio. A bit like sending a text message. This can be far more reliable than long-range radio where the audio quality isn't great. Similarly, the ATC can confirm the flight level clearance (climb or descent) via a data message, rather than over radio. The FMS display will confirm, reject or propose alternatives.

      I can imagine a couple of not so scary scenarios:
      * Overloading the data link, causing other messages to be delayed and/or dropped. This means the pilot will have to fall back to radio and/or resend the message.
      * Read in-flight reporting/confirmation data
      * Read load manifests, fuel status updates, passenger manifests etc.
      * Access what other passengers are watching on their inflight entertainment system
      * Eavesdrop on other passengers' facebook chats

      And some more scary ones (if the break-in allows access to flight data messages):
      * Send/request ATC communication, clearance requests etc
      * Flooding ATC stations/comms systems with bogus data, preventing efficient communication between aircraft (this, and others) and ATC

      One would assume the fly-by-wire system is entirely isolated from this.

      --
      Probable impossibilities are to be preferred to improbable possibilities.
      Aristotele
    9. Re:So, which is it? by boaworm · · Score: 3, Informative

      For the "navigation" systems, he's not talking about GPS (even if he were it wouldn't be a big deal, airplanes can navigate just fine without GPS), but the communication system does send the GPS location, altitude, and speed back home. If that goes down, not a big deal because that's not what air traffic control relies on.

      More and more aircraft and ATC centers support ADS-B transponders and data, which include a GPS-derived position (altitude + position) messages as a part of System Tracking (you can check out Eurocontrols Asterix cat62 protocol and ADS-B applications). Older MSSR radars will provide you with a rough estimate of the position and an assumed altitude based on the aircrafts built-in systems, which is being tracked using for example Kalman filters to predict the current and future position. Switching over to GPS as the primary source of positioning data is allowing tighter packing of aircraft (reduced horizontal and vertical separation rules), which is becoming critical for congested airports to reduce the time between takeoffs/landings, as well as to keep aircraft in holding patters packed tighter together.

      Also, ADS-B can be sent as frequently as 1 message/second due to signals going down towards earth rather than in all directions. Current MSSR radars usually have a scan time of 5-12 seconds.

      So interruptions with these data links (say someone hacks into it and manages to shut it down) would lead to the ATC center having to fall back on MSSR Tracking, meaning you will be violating horizontal and vertical separation rules until the controller can create more space around the aircraft again.

      --
      Probable impossibilities are to be preferred to improbable possibilities.
      Aristotele
    10. Re:So, which is it? by ThatsMyNick · · Score: 2

      The pilot can use these data link communication channels to make his/her life easier.

      CPDLC is a separate system, it does not depend on the satellite link. The one compromised is the satellite infotainment system. They are not connected. Fly-by-wire avionics are of course isolated (for regulatory reasons).

    11. Re:So, which is it? by SlaveToTheGrind · · Score: 2

      Did I, at any point, say I felt passengers deserved to die? No, I did not. . . . . Not every flight (for any airliner) is commercial, and not every flight carries passengers.

      Nice attempt at backpedaling from your original cavalier, thoughtless, and utterly stupid comment, bucko, but you're stuck with it. The only scenario where somebody innocent doesn't die is if the only people on the plane, including the pilot, are the ones engaged in hacking into the plane's control system through the wifi to... wait for it... interfere with the flight controls and crash the plane. Hopefully even you can figure out why that scenario won't happen. Ever.

  3. No they cant. by Lumpy · · Score: 5, Insightful

    They did not get into the aircraft avionics.

    They got into the satellite communications for the Infotainment system.

    NONE of the systems like that have any interconnection to avionics or telemetry.

    --
    Do not look at laser with remaining good eye.
    1. Re:No they cant. by 93+Escort+Wagon · · Score: 3, Funny

      ahh... so just all the passenger data can be hijacked.
      nothing to worry about here.

      Google and the NSA are worried... about someone else encroaching on their turf.

      --
      #DeleteChrome
    2. Re:No they cant. by DivineKnight · · Score: 2

      You're thinking too small. Think bigger...if you have access to the in-flight infotainment system, you have access to the eyes, hearts and minds of the passengers. Passengers who are, due to not so subtle-conditioning, easily frightened. "9/11" "Never again!" Pictures of the statue of liberty crying and politicians dissembling at the top of their lungs. =^_^=

      So what would I do? Two things. I'd play a video, ostensibly of a 'live' newscast that the plane they are currently on has been taken over by terrorists, and that their current pilot / co-pilot / first officers are planning to ram the Pentagon. Think about it. Some people on the plane will look at their ticket subs, figure out that the plane they're on is the one being hijacked, and rush the pilot's cabin as one person.

      When they rush the cabin, I begin jamming the radio (cellphone signals are already being jammed, and wireless internet as well). At this point, on the ground, a video is delivered to the real media stating that some terrorist group (sans pilot / copilot, as background checks on the ground will clear them) have taken over the plane, and are planning another 9/11 style attack. With the radio dead and lack of useful communication, the military will assume the worst.

       

    3. Re:No they cant. by LoRdTAW · · Score: 2

      Here here:
      In theory, a hacker could use a plane's onboard WiFi signal or inflight entertainment system to hack into its avionics equipment, potentially disrupting or modifying satellite communications, which could interfere with the aircraft's navigation and safety systems, Santamarta said.

      So it stands that there really isnt much of a threat here. Either the journalist is confused or purposefully crafted the article so as to imply that a hacker with a wifi device can disable a planes navigation system or do worse. My money is on the latter. The reason I say that is because the two systems are indeed separate and not connected. This is why a Cobham rep said a hacker would need physical access to the planes avionics system. They (Cobham) made that distinction but the author never makes that clear.

      And I remember a similar article on /. a while back about an airline entertainment system being vulnerable. I thought it was jetblue but I can't find the article at the moment. It was the same "alarming" report that turned out to be a flaw in the TV or entertainment system. The worst was people couldn't watch TV on their 6+ hour flight.

    4. Re:No they cant. by CaptainDork · · Score: 2

      A crew of us was flying into Dallas one rime, circling the field. That was when pagers were big and cell phones were not.

      We all got a Sky Page about a Dallas flight circling DFW because of unknown mechanical failure and a crash landing was inevitable.

      Our buddies in Virginia thought it was funny.

      --
      It little behooves the best of us to comment on the rest of us.
  4. Hackers on a Plane. by tekrat · · Score: 2, Funny

    Quick, get Samuel L. Jackson on the phone.
    I smell a blockbuster movie in the works!

    --
    If telephones are outlawed, then only outlaws will have telephones.
  5. Re:No, it can't. by BenSchuarmer · · Score: 2

    ... what about the passengers? Do you honestly expect them to be able to survive a multi-minute flight with no wifi or infotainment? Oh the humanity!

  6. I don't buy it by TubeSteak · · Score: 2

    Hughes spokeswoman Judy Blake said hardcoded credentials were "a necessary" feature for customer service. The worst a hacker could do is to disable the communication link, she said.

    1. Are hardcoded credentials ever "necessary?" How about credentials that are generated on first boot and then requested by support?

    2. Disabling the communications link for a piece of hardware whose sole purpose is communications... kind of a big deal.

    --
    [Fuck Beta]
    o0t!
  7. there IS a connection by dltaylor · · Score: 5, Insightful

    I used to work for one of the In-Flight Entertainment (IFE) vendors. Although their "architect" was clueless about security, some of us doing the work managed to build some into the system. With WiFi, it was harder, but, before I left, we had, at least, set up some VPNs to isolate the system control links from the cabin crew- and customer-access features (don't know if that persisted). The entire IFE did rely on hard-coded passwords, though.

    There IS a connection between the IFE and aircraft systems. It is used to feed aircraft position and speed data, plus some useful state, such as wheels up/down (there are features that only enabled while in "cruise", but not during takeoff and landing, for example). The aircraft systems designers, however, seemed to have a clue about security, however, as we were only allowed a network connection to a slave server with no apparent upstream links.