An increasing number of airlines are offering onboard wi-fi to
customers
The US Federal Bureau of Investigation (FBI) has issued a
formal alert telling airlines to be on the lookout for hackers.
It follows an onboard tweet from security expert Chris
Roberts, who joked about being able to hack into a United
Airlines plane's wi-fi network.
A terrorist could theoretically take over systems that fly a
plane by compromising equipment at their seat.
United Airlines has now banned Mr Roberts from all its flights.
The FBI and the US Transportation Security Administration
(TSA) said they had no information to support claims a
plane's navigation system could be interfered via its onboard
wi-fi kit, but added that they were evaluating the evidence.
In a private industry notification posted on its website and
reported by Wired magazine , the FBI advised airlines to:
report any suspicious activity involving travellers
connecting unknown cables or wires to the in-flight
entertainment (IFE) system
report any evidence of suspicious behaviour following a
flight, such as IFE systems that show evidence of
tampering or the forced removal of covers to network
connection ports
report any evidence of suspicious behaviour concerning
aviation wireless signals, including social media messages
with threatening references to onboard network systems,
automatic dependent surveillance systems (ADS-B),
aircraft communications addressing and reporting systems
(ACARS) and air traffic control networks
review network logs from aircraft to ensure any suspicious
activity, such as network scanning or intrusion attempts,
would be captured for further analysis
In his tweet, Mr Roberts suggested that he might be able to
deploy the oxygen masks on the flight.
Chris Roberts's tweet:
"Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ?
Shall we start playing with EICAS messages? "PASS OXYGEN
ON" Anyone ? :)"
(EICAS refers to the engine indicating and crew alerting
system)
On arrival at Syracuse airport, Mr Roberts - who is co-founder
of security company One World Labs - was taken in for
questioning by the FBI, and his laptop and other devices were
seized.
A few days later, he was prevented from boarding a flight to
California.
He had previously given a number of interviews, explaining the
possible weak points in airline systems, telling CNN that he
could connect to a computer under his seat to view data from
the aircraft's engines, fuel and flight-management systems.
Single network
Security experts have warned for some years that airlines are
a possible target for hackers.
Planes including the Boeing 787 Dreamliner and the Airbus 350
and A380 have a single network that is used by both pilots to
fly the plane and by passengers for their wi-fi connections.
"The risk is that a hacker sitting in the back of a plane, or
even one on the ground, could use the wi-fi connection to
hack into the avionics and then remotely fly the plane,"
explained security expert Bruce Schneier in a blog written
after last week's incident.
Although there were currently no publicly known vulnerabilities
that a hacker could exploit, such an attack remained
"theoretically possible" because all networks were inherently
insecure, he said.
"In the scheme of internet risks I worry about, it's not very
high," he added.
Wi-fi is now common on many airlines, and most have relaxed
the rules surrounding the use of gadgets during flights.
No comments:
Post a Comment