The safety belt is on, and the tray table and seat back are in the upright position as I nervously await my plane’s take-off. I’m checking my Facebook page to calm the nerves of flight, and I’m one of several rebellious passengers ignoring the pilot’s request to switch off electronic devices. Surely they can’t be serious that my little smart phone will “interfere with the aircraft’s navigation systems,” I think to myself. Well, a German security consultant has claimed and recently demonstrated that it is possible to attack and commandeer the controls of an aircraft, armed with nothing more than a Samsung Galaxy mobile phone.
The annual security conference “Hack in the Box” was held in Amsterdam this year and there was much buzz around one particular presentation — “Aircraft Hacking: Practical Aero Series … a demonstration on how to remotely attack and take full control of an aircraft.” The presenter,Hugo Teso, did not disappoint as the crowd of conference attendees and media watched him use malicious code he calls SIMON, and an Android app (PlaneSploit) to manipulate a flight simulator and change the speed, altitude and direction of a virtual plane.
At first glance, this dangerous hijacking app could challenge “iFart” for title of “Worst Mobile App Ever.” Instead, Teso’s PlaneSploit might actually prove helpful for aviation surveillance, security and safety.
In his demonstration, Teso explained that Automated Dependent Surveillance Broadcast (ADS-B) is a newer surveillance technology aimed to replace typical radar for air traffic control systems. While it has its advantages, ADS-B has no security; it is unencrypted and unauthenticated. The system’s vulnerabilities allow for attacks ranging from passive eavesdropping to active message jamming and injection.
Teso told Forbes that “You can use this system to modify approximately everything related to the navigation of the plane … That includes a lot of nasty things.” Once the plane’s computer has been infiltrated, the app is even capable of changing the pilot’s display screen, turning off the lights in the cockpit or remotely giving commands like “Please Go Here” or “Visit Ground” (crash the plane). Teso claims that he used flight management hardware purchased on eBay and publicly available software in creating his virtual attack.
As frightening as this all sounds, you don’t need to cancel your family reunion trip just yet. PlaneSploit currently requires that the compromised plane be in “autopilot” mode for the attack and control to work. The Federal Aviation Administration considers Teso’s “full control” claim to be overblown since it cannot “prevent a pilot from overriding the autopilot.” Teso also admits that his aviation hacker code is built to work only in virtual environments, not on an actual aircraft with certified flight hardware. But some experts insist that the risk is still there.
Thankfully, as a “white hat” hacker and security consultant, this demonstration is simply intended to alert airlines, government officials, and the companies that make these systems and compelling them to address the concerns.