Researchers act to stop 'flight cyber-jacking'

City University London professor Dr David Stupples, a cyber-terrorism researcher, is helping to develop a network that would prevent attacks on communications satellites by recognising dangerous malware, then “reconfiguring” the system around it, shutting down non-essential systems.

According to Stupples, hacking an aircraft is possible if a “cyber bomb” is used, where hackers place malware on a system and it ‘explodes' onto the system. On airplanes, this could cause a crash.  For a hacker to gain access to an aircraft, they need to figure out a way of navigating its network to control its systems. Stupples said “You have to get into the autopilot and to get into the autopilot and run it from somewhere you don't know - it's very difficult. To do that you'll have to have the whole network architecture of the flight system. And all of the interface points to that. Yes, it's possible, but you have to have a great deal of knowledge.”

Ruben Santamarta, principal security consultant at IOActive demonstrated just how vulnerable satellite systems are to attack in his presentation, A Wake-up call for Satcom Security, at the 4SICS conference in Stockholm last month (see full white paper explaining this research). He looked at devices and software made by Cobham, Inmarsat, Harris Corporation, Hughes and Iridium.

Dr Phil Polstra, a professor of digital forensics believes hackers would struggle to disrupt a flight. Looking at research from Santamarta, he said that despite the research proving that vulnerabilities may have enabled an attacker to install a malware with or without physical access to the device, sending fake communications wouldn't necessarily trick pilots as there are “two pilots in the loop. If you were to send a bogus communication to tell them to do anything unusual, they would instantly check with the airline”. If a message is sent to reroute an aircraft, it appears on a screen and a print out, then the pilots have to enter the message into the flight computer and execute it.

close

Next Article in News Bytes