Don’t worry about the mental stability of your pilot — there might not be one in the future. Test flights of an autonomous jet are taking off now in the UK.
The hack happened in the afternoon and targeted the Polish flag carrier LOT. According to a report from Reuters “hackers attacked the airline ground computer systems used to issue flight plans”. The whole situation was resolved a few hours later. Nonetheless 10 national and international flights had to be canceled and even more were delayed. Luckily none of the planes or the airport itself were affected and no one got hurt. LOT took extra care to mention “that it has no influence on plane systems. Aircrafts, that are already airborne will continue their flights. Planes with flight plans already filed will return to Warsaw normally.”
The airline also made it clear that the airport itself was not affected. Once the ‘problem’ was fixed LOT issued the following press release. “The situation after the IT attack on our ground operation system is already under control. We are working on restoring the regularity as soon as possible. Our operating center is already preparing flight plans. We will try to ensure that the largest number of passengers are informed and continue commenced journeys.”
Spokesman Kubicki said that LOT is using state-of-the-art computer systems, so this could potentially be a threat to others in the industry as well.
Remember Chris Roberts? He was the hacker who wasn’t allowed to board his plane last month, when he talked on his Twitter account about the (lack) of airplane security and joked about hacking into the electronic control system.
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ?
— Chris Roberts (@Sidragon1) April 15, 2015
It now turns out that while he might have been joking that one time, he actually hacked into IFE systems on aircrafts while in flight about 15 to 20 times, according to an FBI search warrant application filed in the U.S. District Court for the Northern District of New York. In the same warrant Roberts also claims that he was able to successfully command the system he accessed to issue the “CLB” (or climb) command. This caused one of the airplane engines to climb which resulted in a sideways movement of the plane during one of the flights.
He told WIRED: “That paragraph that’s in there is one paragraph out of a lot of discussions, so there is context that is obviously missing which obviously I can’t say anything about. It would appear from what I’ve seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others.” And on his Twitter account he states:
Sorry it’s so generic, but there’s a whole 5 years of stuff that the affidavit incorrectly compressed into 1 paragraph….lots to untangle — Chris Roberts (@Sidragon1) May 17, 2015
Well, at least airlines seem to slowly wake up and confront reality now: United Airlines just started a bug bounty program that will award miles depending on the severity and impact of the reported bugs.
The post Hacker Hacked Into the Aircraft Engine Controls 20 Times appeared first on Avira Blog.