Tag Archives: FBI

Has a plane been hacked mid-flight?

The FBI is investigating Chris Roberts, a security researcher, who claims to have taken control of an aircraft in midflight and made it drift sideways by controlling one of the engines. All this from a passenger seat and a connection through the entertainment system located under a seat.

Chris Roberts, who has demonstrated hacking many devices at Blackhat conferences, denies the claim and has tweeted

 

The FBI is reported to have interviewed Roberts a number of times in a recently published article on APTN, a Canadian news outlet. According to the article Roberts claimed he took control of an aircraft

Just one month ago, a GAO report warned of a vulnerability on aircraft where they claim that the avionics could be accessed through the entertainment system as they are connected through a common infrastructure. The GAO report was widely disputed by many industry experts as I detailed in a previous blog post.

This second incident has made me revisit the topic and makes me question whether or not I will be safe on my next flight. Once again, my conclusion is that I am. Here’s why:

  • The original conclusion that the two networks are not connected was based on expert commentary from Dr. Phil Postra a qualified pilot and professor of digital forensics at Bloomsburg University.
  • There is speculation that newer aircraft, specifically the Boeing 787 DreamLiner may have a single onboard network but experts say that even on these aircraft the flow of data is one way from the cockpit to the passenger network and that no traffic can fly in the opposite direction. This has been a speculative issue for the last 7 years, see this Fox news story.
  • The aircraft that Roberts reportedly hacked was ‘older’ and had the standard of separate networks for Avionics and Entertainment, which would imply that the hack may not have happened at all and may have just been a bit of bragging.
  • Since this story took to the mainstream press last month, I am certain that manufacturers of aircraft have tested and re-tested the security of the avionics systems and if necessary made the necessary changes. In fact, Roberts may have made the systems even more secure with just the rumor of a hack.
  • Lastly, aircraft are fitted with the ability for the pilot to take manual control and fly by wire, this is done through a disconnect switch in the cockpit. In the remote possibility someone did manage to mess with the avionics then I would trust one of the pilots to take control.

 

While there maybe doubt, speculation and differing views, there are many other systems that could potentially be hacked to disrupt a flight such as air traffic control systems or satellite positioning systems. These could be attacked from the ground and not require a hacker to be on board. It seems far more likely to me, that these would be the target of a person with malicious intent.

Will I be boarding an aircraft soon? Yes, next week. If the person sitting next to me gets out a screw driver and starts taking his seat apart to access networks cables I will call the crew over  and ask them to inform the pilot, I trust you will do the same.

Watch out for Nepal Earthquake Scams

Unfortunately it is common for attackers and scammers to hijack news stories in an attempt such as the Nepal Earthquake to trick those trying to help.

One such website (which has since been removed) was savenepal.org

Save Nepal

 

If you wish to make a donation to the relief effort in Nepal, be sure to make it to an accredited charity. You can find a list of them here.

 

How to avoid phishing scams

Most scams take the form of a “phishing” attack, where victims are tricked into handing over their personal or payment details.

For more information on detecting and avoiding phishing scams, watch this AVG Academy video.

Video

How to avoid phishing scams

Confusion Reigns Over FBI’s Plans for National Security Letter Gag Orders

The way that National Security Letters are approved and used is one of the government’s more opaque processes. Now, you can add some more confusion into the mix, courtesy of some new comments from the FBI about when recipients are able to disclose the fact that they have received an NSL. More than a year […]

Mobile Device Encryption Could Lead to a ‘Very, Very Dark Place’, FBI Director Says

FBI Director James Comey said Thursday that the recent movement toward default encryption of smartphones and other devices could “lead us to a very, very dark place.” Echoing comments made by law enforcement officials for the last several decades, Comey said that the advanced cryptosystems available today threaten to cripple the ability of intelligence and law […]