Hacking Airplanes: Fact or Fiction?
Is it really possible to seize control of a flying airliner from your coach class seat? Did a security researcher stretch the truth when he told the FBI he did so, or did the FBI exaggerate in its search warrant application? This week’s FUD (Fear, Uncertainty, and Doubt) is more tangled than usual. Read on to unravel it, maybe...
Pass the Oxygen, Please...
Chris Roberts, founder of the One World Labs security intelligence firm (and a seeming relative of the “Duck Dynasty” cast) was banned from United Airlines in April after he tweeted this:
“Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM,? Shall we start playing with EICAS messages? ‘PASS OXYGEN ON’ Anyone? :)”
Translation: ‘I am aboard a Boeing 737/800. I see it has the type of entertainment system I’ve hacked before. Should I hack into the Engine Indicator Crew Alert System and send the crew bogus emergency messages like, ‘Passenger oxygen masks have been deployed?’” The smiley at the end is supposed to indicate that Roberts is “just kidding.”
As anyone who participates fully in reality knows, you don’t say "bomb" on a plane, and you don't kid about messing with airliners. An employee of United Airlines’ Cyber Security Intelligence Department (a real thing, apparently) got wind of Roberts’ tweet and called the FBI.
The FBI had already talked with Roberts in February. In fact, Roberts has been trying to get the attention of government authorities and aircraft manufacturers for five years. That’s how long he and an unnamed co-researcher have been sounding the alarm about what they claim are gaping holes in the security of critical avionics computer systems.
According to Roberts, publicly available aircraft maintenance manuals and other documents revealed that the passenger entertainment system is connected, in a round-about manner, to critical flight control systems. By prying the plastic cover off a box under an aisle seat, it’s possible to connect a laptop to the entertainment system via Ethernet cable.
Reality or Simulation?
From there, Roberts claims, he was able to view data traffic on the control system and could have tampered with it – if he wanted to. Roberts says that in tests using virtual simulations of the aircraft systems, he was able to issue commands that would have changed the plane’s course if they’d been issued on a real, in-flight system.
The FBI tells a slightly different story in its application for a search warrant of Roberts’ effects. The feds claim that Roberts told them he actually caused an airliner to momentarily veer off course.
Pioneering rocket scientist Robert Goddard proposed space flight in 1919, and was ridiculed in the New York Times. On July 17, 1969 (the day after the launch of Apollo 11) they published a correction.
Roberts does not contradict the FBI’s claim; he only says that the agency took one paragraph of his hours-long interview “out of context.” He did tell Wired magazine that he did not connect his laptop to the entertainment system of the flight from which he tweeted, but that’s not the flight the FBI accuses him of hacking.
A number of other security experts have weighed in to say that it’s “impossible” to do what Roberts claims he did in simulation and the FBI says he did in fact.
An aviation professor at Metro State University in Denver relies on what aircraft manufacturers have told him: “the in-flight entertainment system is a different system from the software that controls the avionics, flight controls and navigation systems of the plane," says Prof. Jeffrey Price.
One would certainly think so; there seems to be no reason to connect the movie projector to the flight controls. But what about the maintenance manuals that Roberts claims to have studied?
"This sounds scary but it is absolutely not possible," Jon Miller, a computer security researcher with Cylance, in Irvine, Calif., told USA Today. The newspaper says that Miller “has tested the vulnerability of in-flight entertainment systems.” But it doesn’t report what he found, or whether he’s tested the vulnerability of flight control systems being hacked via entertainment systems.
Did He or Didn't He?
Roberts has not been charged with any crime yet. The feds are saying that they “have no credible information to suggest an airplane's flight control system can be accessed or manipulated from its in-flight entertainment system.” So it seems the FBI’s application for a search warrant was perhaps not entirely based on “credible information.”
But come on... why can't the FBI put Roberts on a plane with his laptop, surrounded by other security experts and avionics engineers, and ask him to prove his claim? If he can make the plane change its course or altitude, the mystery is solved and Roberts is a hero. If not, he's apparently an attention-seeking narcissist.
The fallout of that ill-advised tweet for One World Labs has been devastating. Several investors have pulled out of the company, forcing lay-offs of a dozen staffers – half of the company’s headcount. Roberts says other issues played a factor in the investors’ unhappiness, but the tweet and its consequences were “the last straw.”
I won’t be convinced that an airliner can be hijacked via its entertainment system until Roberts makes his “publicly available documents” publicly available and his simulation of such a hijacking is reviewed by his peers in the security community. And then, they have to prove it in a controlled real-world scenario as I proposed above. But if, on my next flight, I see a Cat 6 network cable sneaking under a seat across the aisle from me, you’d better believe I’m ringing the flight attendant bell.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 21 May 2015
|For Fun: Buy Bob a Snickers.|
Geekly Update - 20 May 2015
The Top Twenty
Really, a $9 Computer?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Hacking Airplanes: Fact or Fiction? (Posted: 21 May 2015)
Copyright © 2005 - Bob Rankin - All Rights Reserved