Sunday, May 17, 2015

FBI says plane hacker a threat to public safety

Did a well-known computer security researcher endanger public safety by hacking into aircraft control systems?

 

The FBI has asked a federal court in New York for a warrant to search the electronic devices it took from well-known computer security researcher Chris Roberts on April 17.
The bureau says Roberts "had the ability and willingness to use the equipment... to access the In Flight Entertainment [system]" and "that it would endanger public safety".
In February this year Roberts met with the FBI to discuss vulnerabilities with in-flight entertainment systems on Boeing 737-800, 737-900 and 757-200 aircraft along with Airbus A-320s.
The FBI says he told them he:
  • hacked into the systems 15 to 20 times from 2011 to 2014.
  • accessed the system through the Seat Electronic Box, found under seats containing video monitors.
  • was able to connect his laptop to this system using an Ethernet cable.
  • was able to overwrite code on the aircraft's Thrust Management Computer and give one of the plane's engines the command to climb.
  • was also able to monitor the cockpit system.
The FBI says it warned Roberts he was breaking the law and advised him to stop doing so.
On April 15th the FBI says Roberts sent a series of tweets that suggested he had or could hack these systems during a series of internal US flights he was taking at the time.
He was subsequently banned from travelling on United Airlines.
FBI says it inspected the Seat Electronic Box under one of the seats Roberts had just flown on, and discovered it had been tampered with.
Roberts has not yet been charged with a crime, and the FBI's allegations have not been proven in court.
Roberts says he:
  • did hack into the in-flight entertainment system but never interupted the flight.
  • has caused a plane to climb during flight, but only during a simulated test.
  • never connected his laptop to the system on the flight the FBI says showed evidence of tampering.
Roberts has tweeted "Over last 5 years my only interest has been to improve aircraft security...given the current situation I've been advised against saying much."
He adds "Sorry it's so generic, but there's a whole 5 years of stuff that the affidavit incorrectly compressed into 1 paragraph....lots to untangle."
"The onward march of technology throws up significant challenges all the time," says independent aviation analyst Chris Yates told Al Jazeera.
"The move to an increasingly electronic cockpit leaves airplanes open to possible hacking attempts such as this."
"There is a lot more wireless communication on board the aircraft," says Anil Padhra, a Senior Lecturer in Aviation Studies at Kingston University London
"But technically it's very challenging to hack an aircraft and the ordinary passeneger wouldn't even get close."
Roberts is the founder of One World Labs and he is widely viewed as an expert on counter threat cyber security. He is reported to have been issuing warnings about vulnerabilities in inflight entertainment systems for years.

No comments:

Post a Comment

Blog Archive