Thursday, April 11, 2013

Another reason to avoid flying


As if the TSA weren't bad enough in itself, now we learn that hackers may be able to take over a plane's control systems with relative ease!  Computerworld reports:

The Hack in the Box security conference in Amsterdam has a very interesting lineup of talks [pdf]. One that jumped out was the Aircraft Hacking: Practical Aero Series presented by Hugo Teso, a security consultant at n.runs in Germany. According to the abstract, “This presentation will be a practical demonstration on how to remotely attack and take full control of an aircraft ..."

. . .

Here’s a few important facts: Automated Dependent Surveillance-Broadcast (ADS-B) has no security as was pointed out at Def Con 20 shortly before a hacker was able to inject ghost planes into radar. It is unencrypted and unauthenticated. Teso said, “Attacks range from passive attacks (eavesdropping) to active attacks (message jamming, replaying, injection.” The Aircraft Communications Addressing and Reporting System (ACARS) also has no security; it “is used for exchanging text messages between aircraft and ground stations via radio (VHF) or satellite.” Although his talk did not focus on the vulnerabilities in those two protocols, he used them to find targets.

Hugo Teso demonstrated complete pwning onboard Airplane Flight Control from a mobile application Anyone with the right tools and a little know-how can read and send these ACARS messages. Teso purchased hardware from eBay that provided “actual flight code software” for “training” such as Flight Management System made by Rockwell. He also needed a radio transmitter and explained about software radio systems before the talk. He audited real aircraft code, searching for vulnerabilities to exploit, but used a lab with virtual airplanes as opposed to hijacking an actual jet in flight. Hijacking a real plane during a flight was “too dangerous and unethical.”

Help Net Security was present at the demo and explained:

By taking advantage of two new technologies for the discovery, information gathering and exploitation phases of the attack, and by creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the airplanes' Flight Management Systems (computer unit + control display unit), he demonstrated the terrifying ability to take complete control of aircrafts by making virtual planes "dance to his tune."

There's more at the link.  Highly recommended reading, if a bit technical from time to time.

Does anyone seriously doubt that North Korea, or Iran, or Muslim extremist terrorists, or any other disaffected individual, group or nation with basic technical savvy, isn't more than capable of duplicating this feat?  And after 9/11, can anyone seriously doubt that there would be agents and/or terrorists more than willing to board a flight carrying a smartphone equipped with the necessary programs to allow them to crash the plane?

Yet another reason to drive rather than fly . . .





Peter

2 comments:

Borepatch said...

I much prefer to drive, but I'm pretty skeptical about this. I go into why in some depth:

http://borepatch.blogspot.com/2013/04/so-can-you-really-hijack-plan-using.html

skreidle said...

Three more refutations: http://www.schneier.com/blog/archives/2013/04/remotely_hijack.html