Aircraft can be hacked in flight says researcher



Ruben Santamarta, a cyber security expert, highlights problems with the satellite communication systems that open up planes to hacking through entertainment and WiFi systems.

Santamarta is a consultant at IOActive and is presenting a talk at the Black Hat conference in Las Vegas on Thursday. He claims to have reverse engineered the firmware in communications equipment from major companies such as Harris Corp and Hughes Network Systems to identify vulnerabilities in avionics equipment. 

Related: USB devices can be hacked maliciously

Santamarta's fear is that his theory identifies how hackers could get into the actual controls that manage an aircraft's navigation and safety systems through the ubiquitous inflight entertainment and WiFi systems already installed on most planes.

The hacks have not been tested outside of IOActive's Madrid labs and may not actually work in the real world, according to Santamarta, but the implications are serious enough to warrant exposure and lead to fixes from manufacturers.

Santamarta focused on the Aviation 700 aircraft satellite comms system from Cobham. Cobham spokesman Greg Caires has told Reuters news agency that hackers would have to have direct physical access to its equipment to be able to expose critical systems on a plane.

Santamarta may have identified a potential flaw but before you start panicking about watching inflight movies contributing to death in the skies, most vendors he pointed too have stated that the risks are very low.

Related: Everything is hackable including your car

In turn, Santamarta - who has published a 25-page report in April on numerous bugs in firmware in satellite communications equipment by Cobham, Harris, Hughes, as well as Iridium and Japan Radio Co -  believes that hackers can target hardcoded logins and passwords used by equipment makers to allow technicians direct access to these sensitive systems.

Black Hat believes that Santamarta is the first person to identify vulnerabilities in satellite communications equipment and Santamarta is prepared to answer his critics and supporters at the conference. Black Hat's conference organizers feel that while Santamarta isn't saying that someone could launch an attack on an airplane cockpit through its WiFi system the basic security issues are "pretty scary" and need to be addressed.




Joe Jejune

I am a gadget freak and love everything about technology. In my day job I work at a startup and help build applications for the healthcare industry. 


More

The Interview Will Finally Hit Theaters on Xmas

Terrorists can't kill the laughter

You Can't Kill Stan Lee

Marvel's Energizer Bunny still keeps going

Blackhat Capturing the Terror of Cyberattacks

Michael Mann could be right on time with his latest movie