CHINA TOPIX

12/23/2024 06:45:13 am

Make CT Your Homepage

Is It Really Possible to Hack an Airliner Through Its Wi-Fi?

A passenger airliner

(Photo : pictures.reuters.com) A passenger airliner prepares to land.

Cyber researcher Ruben Santamarta claims he's devised a new method that uses Wi-Fi to hack into an aircraft's electronic systems.

He said his technique penetrates avionics security systems and hacks the satellite communications equipment on airliners through their Wi-Fi and in-flight entertainment systems.

Like Us on Facebook

Santamarta, a consultant from computer service security firm IOActive, will present his research at this week's Black Hat security conference in Las Vegas, an annual gathering where experts meet to discuss security information and cyber vulnerabilities.

The security consultant's presentation on Thursday is expected to be the most widely watched at the conference, said Reuters.

Santamarta explained that theoretically, a hacker could infiltrate a plane's avionics system to disrupt navigation, communications and security systems by using its onboard Wi-Fi signal or inflight entertainment system.

He said those devices are open and the goal of his talk is to change the vulnerability situation.

Santamarta discovered the vulnerabilities by decoding highly specialized software, called firmware, used to activate communications equipment built by a British manufacturing company Cobham Plc in collaboration with other leading technology firms.

He also focused his theories, methods and tests around Aviation 700, Cobham's aircraft satellite communication system.

At least one Cobham representative doubted Santamarta could pull off the hack, stating that a hacker would need to get physical access to the hardware first.

Cobham representative Greg Caires said that in actual aviation and maritime markets, strict requirements are implemented that restrict access to authorized personnel only.

Santamarta still acknowledged that his methods have only been tested in controlled environments, such as the IOActive's laboratory in Madrid. He also said they might be difficult to replicate in the real world.

He asserted that in certain cases, no user interaction is required to abuse the vulnerability. A simple short message service or a specially crafted message from one plane to the other can lead to the infiltration.

Santamarta decided to go public to encourage manufacturers to resolve what he saw as risky security flaws. His claim, if confirmed, could prompt a review of aircraft security systems.


Real Time Analytics