The Government Accountability Office (GAO) published a report on April 14, on behalf of FAA's look into next-generation air transportation systems, and it indicated that on-board Wi-Fi could feasibly be used by hackers to bring the aircraft to the ground.
Those working on the research stressed that this attack wouldn't be easy or very likely, but said that the worst-case scenario, especially as airlines and the FAA move to modernise planes with flight-tracking and internet technology, could see a terrorist mid-flight use the passenger Wi-Fi to take control of the aircraft. The internet, reads the report, “can potentially provide unauthorised remote access to aircraft avionics systems”.
Avionics typically operate on a self-contained network and not connected to same one as used by passengers. However, experts – who included professors at the universities of Virginia and Columbia, as well as senior figures at SANS Institute and HP - said in the report that newer systems could see Wi-Fi systems share the same routers or internal wiring. In addition, they said that any firewalls used for separating networks could be hacked, just like any other software.
"According to cyber-security experts we interviewed, internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors," the report reads.
The GAO released a separate report last March which said that FAA's system for guiding planes and other aircraft also was at "increased and unnecessary risk" of being hacked. One particular area of weakness was the ability to prevent and detect unauthorised access to the vast network of computer and communications systems the FAA uses to process and track flights around the world.
A number of infosec pros, when speaking to SCMagazineUK.com this week, were mixed on this perceived threat.
Gérôme Billois, senior manager of French information security consultancy Solucom – whose company has worked with airlines on securing their infrastructure in the past, says that data networks should be typically segregated into different zones, for passengers, crew and avionics, as required by the ARINCC 664 standard.
“The issue [of security] arises when one zone inter-flows to another,” he said, adding – for instance – that cabin crew will often be able to see critical domain information, such as temperature or flight speed.
He acknowledged that this causes “some risks” but said that attacks, as mentioned in the report, would need very specific conditions and thus unlikely.
“These systems are interconnected so it's really important to think about security at design, and to regularly test it because planes are around for a very long time.”
Billois, who was due to board a plane after the interview, added that the future planes threat may not be dissimilar to a modern enterprise. Older planes run customised software so are “not as easy to attack”, but in future, he says that it wouldn't be impossible to launch buffer overflow attacks or an integrated attack on internal communications to, for example, alter altitude or speed readings.
Simon Chapman, director at Manchester-based penetration tester Ambersail Ltd, added that it was hard to see how viable the attack would be, although sharing the same IP network for entertainment and plane controls was a “bad idea”.
With the firm's own experience implementing payment gateway solutions on planes, he said that present and future plane designs would need to have “physically separate cabling, and separate IP network”, air-gapped machines and solutions that can be switched off any time. But citing the recent Germanwings crash, he said planning for the future is impossible.
“People often talk about future proofing but there's never been a bigger con in the world of technology – its fakery, the future has no regard for the past or present. You have to start with the assumption that the model might to be invalid in future.”
Jovi Umawing, malware intelligence analyst at Malwarebytes, said in a statement to the press: “While it is true that firewalls could be potentially bypassed by those with ill intent, we have to remember that aircraft systems are built with safety in mind. These systems, which we deem life or safety critical, have redundancies in place to lessen the chances of tragic outcomes should they be compromised. As the GAO report does not clearly elaborate if this new threat via cabin Wi-Fi takes into account such systems, we can't know for sure if an attack like this would be successful.”