Aircraft can be hacked in flight says researcher

Ruben Santamarta, a cyber security expert, highlights problems with the satellite communication systems that open up planes to hacking through entertainment and WiFi systems.

Santamarta is a consultant at IOActive and is presenting a talk at the Black Hat conference in Las Vegas on Thursday. He claims to have reverse engineered the firmware in communications equipment from major companies such as Harris Corp and Hughes Network Systems to identify vulnerabilities in avionics equipment. 

Santamarta's fear is that his theory identifies how hackers could get into the actual controls that manage an aircraft's navigation and safety systems through the ubiquitous inflight entertainment and WiFi systems already installed on most planes.

The hacks have not been tested outside of IOActive's Madrid labs and may not actually work in the real world, according to Santamarta, but the implications are serious enough to warrant exposure and lead to fixes from manufacturers.

Santamarta focused on the Aviation 700 aircraft satellite comms system from Cobham. Cobham spokesman Greg Caires has told Reuters news agency that hackers would have to have direct physical access to its equipment to be able to expose critical systems on a plane.

Santamarta may have identified a potential flaw but before you start panicking about watching inflight movies contributing to death in the skies, most vendors he pointed too have stated that the risks are very low.

In turn, Santamarta - who has published a 25-page report in April on numerous bugs in firmware in satellite communications equipment by Cobham, Harris, Hughes, as well as Iridium and Japan Radio Co -  believes that hackers can target hardcoded logins and passwords used by equipment makers to allow technicians direct access to these sensitive systems.

Black Hat believes that Santamarta is the first person to identify vulnerabilities in satellite communications equipment and Santamarta is prepared to answer his critics and supporters at the conference. Black Hat's conference organizers feel that while Santamarta isn't saying that someone could launch an attack on an airplane cockpit through its WiFi system the basic security issues are "pretty scary" and need to be addressed.

Joe Jejune

I am a gadget freak and love everything about technology. In my day job I work at a startup and help build applications for the healthcare industry. 


Cyber Wars, watch them live

Watch a real time map of cyber attacks around the world

Force Friday, the (merchandising) Empire strikes back

When George Lucas went door to door, trying to find a producer for his first Star Wars movie, later titled A New Hope, he had one thought on his mind, the merchandising rights. Through his experience with THX 1138 and American Graffiti, Lucas was determined to keep as many rights on his movies to himself, as he could. He owes the production of Star Wars to the success of American Graffiti, which wouldn’t have been possible without the assistance and support of Francis Ford Coppola. After the success of his earlier movies, Twentieth Century Fox, reluctantly, accepted to let him make Star Wars...

America’s Greatest Makers Gameshow: Is It A Disaster In the Making?

Intel's doing a gameshow which could be a good thing but history says it might be a really bad thing.