Hacking Airplanes: Fact or Fiction?
Is it really possible to seize control of a flying airliner from your coach class seat? Did a security researcher stretch the truth when he told the FBI he did so, or did the FBI exaggerate in its search warrant application? This week’s FUD (Fear, Uncertainty, and Doubt) is more tangled than usual. Read on to unravel it, maybe... |
Pass the Oxygen, Please...
Chris Roberts, founder of the One World Labs security intelligence firm (and a seeming relative of the “Duck Dynasty” cast) was banned from United Airlines in April after he tweeted this:
“Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM,? Shall we start playing with EICAS messages? ‘PASS OXYGEN ON’ Anyone? :)”
Translation: ‘I am aboard a Boeing 737/800. I see it has the type of entertainment system I’ve hacked before. Should I hack into the Engine Indicator Crew Alert System and send the crew bogus emergency messages like, ‘Passenger oxygen masks have been deployed?’” The smiley at the end is supposed to indicate that Roberts is “just kidding.”
As anyone who participates fully in reality knows, you don’t say "bomb" on a plane, and you don't kid about messing with airliners. An employee of United Airlines’ Cyber Security Intelligence Department (a real thing, apparently) got wind of Roberts’ tweet and called the FBI.
The FBI had already talked with Roberts in February. In fact, Roberts has been trying to get the attention of government authorities and aircraft manufacturers for five years. That’s how long he and an unnamed co-researcher have been sounding the alarm about what they claim are gaping holes in the security of critical avionics computer systems.
According to Roberts, publicly available aircraft maintenance manuals and other documents revealed that the passenger entertainment system is connected, in a round-about manner, to critical flight control systems. By prying the plastic cover off a box under an aisle seat, it’s possible to connect a laptop to the entertainment system via Ethernet cable.
Reality or Simulation?
From there, Roberts claims, he was able to view data traffic on the control system and could have tampered with it – if he wanted to. Roberts says that in tests using virtual simulations of the aircraft systems, he was able to issue commands that would have changed the plane’s course if they’d been issued on a real, in-flight system.
The FBI tells a slightly different story in its application for a search warrant of Roberts’ effects. The feds claim that Roberts told them he actually caused an airliner to momentarily veer off course.
Pioneering rocket scientist Robert Goddard proposed space flight in 1919, and was ridiculed in the New York Times. On July 17, 1969 (the day after the launch of Apollo 11) they published a correction.
Roberts does not contradict the FBI’s claim; he only says that the agency took one paragraph of his hours-long interview “out of context.” He did tell Wired magazine that he did not connect his laptop to the entertainment system of the flight from which he tweeted, but that’s not the flight the FBI accuses him of hacking.
A number of other security experts have weighed in to say that it’s “impossible” to do what Roberts claims he did in simulation and the FBI says he did in fact.
An aviation professor at Metro State University in Denver relies on what aircraft manufacturers have told him: “the in-flight entertainment system is a different system from the software that controls the avionics, flight controls and navigation systems of the plane," says Prof. Jeffrey Price.
One would certainly think so; there seems to be no reason to connect the movie projector to the flight controls. But what about the maintenance manuals that Roberts claims to have studied?
"This sounds scary but it is absolutely not possible," Jon Miller, a computer security researcher with Cylance, in Irvine, Calif., told USA Today. The newspaper says that Miller “has tested the vulnerability of in-flight entertainment systems.” But it doesn’t report what he found, or whether he’s tested the vulnerability of flight control systems being hacked via entertainment systems.
Did He or Didn't He?
Roberts has not been charged with any crime yet. The feds are saying that they “have no credible information to suggest an airplane's flight control system can be accessed or manipulated from its in-flight entertainment system.” So it seems the FBI’s application for a search warrant was perhaps not entirely based on “credible information.”
But come on... why can't the FBI put Roberts on a plane with his laptop, surrounded by other security experts and avionics engineers, and ask him to prove his claim? If he can make the plane change its course or altitude, the mystery is solved and Roberts is a hero. If not, he's apparently an attention-seeking narcissist.
The fallout of that ill-advised tweet for One World Labs has been devastating. Several investors have pulled out of the company, forcing lay-offs of a dozen staffers – half of the company’s headcount. Roberts says other issues played a factor in the investors’ unhappiness, but the tweet and its consequences were “the last straw.”
I won’t be convinced that an airliner can be hijacked via its entertainment system until Roberts makes his “publicly available documents” publicly available and his simulation of such a hijacking is reviewed by his peers in the security community. And then, they have to prove it in a controlled real-world scenario as I proposed above. But if, on my next flight, I see a Cat 6 network cable sneaking under a seat across the aisle from me, you’d better believe I’m ringing the flight attendant bell.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 21 May 2015
| For Fun: Buy Bob a Snickers. |
 |
Prev Article: Geekly Update - 20 May 2015 |
The Top Twenty |
Next Article: Really, a $9 Computer? |
 |
Post your Comments, Questions or Suggestions
|
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- Hacking Airplanes: Fact or Fiction? (Posted: 21 May 2015)
Source: https://askbobrankin.com/hacking_airplanes_fact_or_fiction.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Hacking Airplanes: Fact or Fiction?"
Posted by:
Boyd Rodman
21 May 2015
Not an expert, but the computer running an airliner is just loafing along. So it would not surprise me if the designers combined the control and entertainment systems. In that case, of course, if would be possible to hack into the system.
Posted by:
Jay, Texas
21 May 2015
I am with you Bob, as we used to say when I was a youth, put up or shut up.
Posted by:
Greg
21 May 2015
But of course all passenger aircraft have their flight critical systems routed thru the entertainment junction boxes under the seats - probably have a Ethernet port labeled "Connect here to takeover aircraft".......
I once took over an entire cruise ship by hacking the TV set in my cabin. Changed course from Ensenada to Honolulu !
EDITOR'S NOTE : So that was you! :-)
Posted by:
Patrick
21 May 2015
I agree. I would be easy to prove or disprove Roberts' claims. The aircraft wouldn't have to be flying. Just turn on the avionics.
Posted by:
Al Rebennack
21 May 2015
Your method of proving whether or not the claim can be proven is too logical. No government agency is going to go that way. :-)
Posted by:
Simon S.
21 May 2015
Want to "remotely seize control of a flying airliner"? You don't need to sneak in via the entertainment system. Technology allowing remote control of commercial grade aircraft has been available and under develoment for well over 30 years.
"In August of 2001, this technology was further demonstrated by Raytheon, which successfully took off and landed a Boeing 727 six times at Holloman AFB in New Mexico without a pilot on board." (See links below)
Sure, most of the aircraft referenced in the two links below were specifically designed to demonstrate the feasability of being remote controlled. However,
“Most modern aircraft have some form of autopilot that could be re-programmed to ignore commands from a hijacker and instead take direction from the ground . . . .” And "... the former head of British Airways “suggested . . . that aircraft could be commandeered from the ground and controlled remotely in the event of a hijack.”
I guess my post may trigger a slew of "tinfoil hats" and "conspiracy nuts" type comments. Whatever. Just note that most of the links provided in the two articles below are from so-called mainstream meadia sources.
http://www.globalresearch.ca/9-11-analysis-airplanes-have-been-flown-by-remote-control-since-1917/26483
https://www.corbettreport.com/how-to-steal-an-airplane-from-911-to-mh370/
Posted by:
sirpaul2
21 May 2015
First of all, I totally agree with your 'solution'.
It seems there would be safeguards, but on the other hand, you can't safeguard against things you don't foresee.
I haven't seen anything about Mr. Roberts being banned on other airlines, but I can't help but wonder why United would ban him if it were not plausible/possible (at least on some of their aircraft).
The Government Accountability Office said that some commercial aircraft may be vulnerable to hacking over their onboard wireless networks. "Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems," its report found.
I guess it's all 'still all up in the air'!
Posted by:
Daniel
21 May 2015
I wouldn't expect the government to have him test his theory in a live environment. That would be too logical and save way too much time and money. Nor would I expect the larger airlines to do it because their hierarchy is too bulky at the top.
However, I would expect that one of the smaller airline carriers would pay him to come test his theory. The fact that they haven't makes me scratch my head. The conspiratorial person in me thinks maybe they have already and are quietly trying to figure out a way around it. Like cutting all cat5 cables in the passenger areas.
Posted by:
Gary
21 May 2015
Al Rebennack hit the nail on the head. Can you run for office, I'll vote for you.
Posted by:
Joe M
21 May 2015
"... United Airlines’ Cyber Security Intelligence Department (a real thing, apparently)..."
Every InfoSec department worth its salt at any company has an eye on cyber-security. Financial institutions, insurers, and yes, airlines will have cyber-security components to their Info-Sec strategies.
As to this person's claim he did or could have hacked into the system of an airline remains to be seen. System architects do stupid things every day, so attaching critical avionics controls to the in-flight entertainment system isn't out of the realm of possibilities. OTOH, you always have to consider the source....
Posted by:
David
21 May 2015
I'm sure the government would love to have Roberts demo his exploit for them, but he's lawyered up now and there's this thing called the Fifth Amendment.
Roberts exhibits signs of Asperger's Syndrome, a mild level of autism. Poor social skills, peculiar phrasing, obsession with very narrow interests, etc. It's easy to imagine him overstating his activities to "get the point across" to authorities. The guy needs adult supervision.
Posted by:
Roger
21 May 2015
It can easily be proven if the hacker did make a plane veer. The event should be captured in the plane's black box.
Posted by:
DWF
21 May 2015
I would be far more concerned by the possibilities raised by Simon S. of ground over-ride of onboard flight control systems.
Posted by:
Fred King
22 May 2015
I agree with Al Rebennack, and they would never do it publicly.
Patrick
some systems don't come on until the plane is in-flight - try working on planes sometime
Joe M is also right, besides system architects, I have seen technicians connect unclassified systems and classified system by ethernet cables inside a military headquaters. Did he remove the cable after his trial?
And speaking of InfoSec, has anyone considered going in via one system, say entertainment, jumping at a router to sniff other packets and inject through man-in the middle attacks on navigation, or control surfaces, or radar, altimeter systems, etc.
I'd say probable despite his medical, mental and emotional disposition
Posted by:
bob price
22 May 2015
I'm not saying hacking an airplane is impossible. In the long run, almost everything becomes possible. But as a technician on 707's, 727's, 747's, L-1011's etc, I think it's impossible to hack into the entertainment system and somehow get on the control buss circuitry. They are totally separate with no interface.
Posted by:
David Guillaume
22 May 2015
Impossible is a word that has little meaning these days it just takes a little longer to overcome whatever the problem may be at the time.
David Guillaume
Posted by:
Jim Cauthen
22 May 2015
In any emergency the pilot has the option to push the big red button on the yoke. It disconnects the autopilot so the pilot can control the airplane the old fashion way by hand flying it. Of course many pilots today have become dependent on the automation of technology and forgotten how to fly the airplane by hand. I refer to Asiana Airlines crash in San Francisco.
Posted by:
JR the happyoger
22 May 2015
In any electronics, it is foolish to use two words, always and never. They will both return and bite you in your butt. To say it can't be done is a challenge to those that might not have thought it could be done. I agree, let him prove it, if he can, pay him, if not he's a nut case. By the way, could you hack into the car next to you on the freeway, cause it to stop, speed up, coast,, whatever is available. "Onstar" can so if they can then.......
Posted by:
Pete
25 May 2015
If you believe I can affect the plane's navigation system by keeping my cell phone on during flight, then why not by tapping into the entertainment system?