It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
originally posted by: roadgravel
A newly-published search warrant application shows that an aviation computer security researcher told the FBI that he briefly took control of at least one commercial airliner. The warrant, which was filed in a federal court in New York state, was first published Friday by APTN, a Canadian news site.
According to the affidavit for the warrant application, the researcher, Chris Roberts, told the FBI that he:
connected to other systems on the airplane network after he exploited/gained access to, or "hacked" the [in-flight entertainment] system. He stated that he then overwrote code on the airplane’s Thrust Management Computer while aboard a flight. He stated that he successfully commanded the system he had accessed to issue the climb command. He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights. He also stated that he used Vortex software after compromising/exploiting or "hacking" the airplane’s networks. He used the software to monitor traffic from the cockpit system.
Since this incident, United has instituted a bug bounty program.
In the bounty program
Bugs on onboard Wi-Fi, entertainment systems or avionics
Have to wonder what actually happened.
Chris Roberts @Sidragon1
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ?
1:08 PM - 15 Apr 2015
142 142 Retweets 181 181 favorites
originally posted by: Phage
a reply to: hopenotfeariswhatweneed
This scenario is not implausible,and quite scary really,even if it is only claimed that does not make the story any less believable ...
Less than "not very" you mean?
A security researcher told the FBI in February he was able to commandeer a plane's control system mid-flight, according to a warrant application filed last month.
The tweet was meant as a sarcastic joke; a reference to how he had tried for years to get Boeing and Airbus to heed warnings about security issues with their passenger communications systems. His tweet about the Engine Indicator Crew Alert System, or EICAS, was a reference to research he’d done years ago on vulnerabilities in inflight infotainment networks, vulnerabilities that could allow an attacker to access cabin controls and deploy a plane’s oxygen masks.
He obtained physical access to the networks through the Seat Electronic Box, or SEB. These are installed two to a row, on each side of the aisle under passenger seats, on certain planes. After removing the cover to the SEB by “wiggling and Squeezing the box,” Roberts told agents he attached a Cat6 ethernet cable, with a modified connector, to the box and to his laptop and then used default IDs and passwords to gain access to the inflight entertainment system. Once on that network, he was able to gain access to other systems on the planes.
“He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI Special Agent Mark Hurley wrote in his warrant application. “He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.”
Roberts began investigating aviation security about six years ago after he and a research colleague got hold of publicly available flight manuals and wiring diagrams for various planes. The documents showed how inflight entertainment systems one some planes were connected to the passenger satellite phone network, which included functions for operating some cabin control systems. These systems were in turn connected to the plane avionics systems. They built a test lab using demo software obtained from infotainment vendors and others in order to explore what they could to the networks.
In 2010, Roberts gave a presentation about hacking planes and cars at the BSides security conference in Las Vegas. Another presentation followed two years later. He also spoke directly to airplane manufacturers about the problems with their systems. “We had conversations with two main airplane builders as well as with two of the top providers of infotainment systems and it never went anywhere,” he told WIRED last month.
Last February, the FBI in Denver, where Roberts is based, requested a meeting. They discussed his research for an hour, and returned a couple weeks later for a discussion that lasted several more hours. They wanted to know what was possible and what exactly he and his colleague had done. Roberts disclosed that he and his colleague had sniffed the data traffic on more than a dozen flights after connecting their laptops to the infotainment networks.
“We researched further than that,” he told WIRED last month. “We were within the fuel balancing system and the thrust control system. We watched the packets and data going across the network to see where it was going.”
Eventually, Roberts and his research partner determined that it would take a convoluted set of hacks to seriously subvert an avionics system, but they believed it could be done. He insisted to WIRED last month, however, that they did not “mess around with that except on simulation systems.” In simulations, for example, Roberts said they were able to turn the engine controls from cruise to climb, “which definitely had the desired effect on the system—the plane sped up and the nose of the airplane went up.”
originally posted by: Phage
The headline is not exactly accurate. The "hacker" did not admit do doing anything. He claimed to have done something.
Actually, it makes me think that our hacker read that article and rather than actually doing anything, talked to the FBI about what the report said about potential vulnerabilities.
It makes you wonder why the GAO back in April are going with the vulnerablity of these systems...specifically about the gateway being the entertainment systems on Airbus and Boeing.
Roberts did not immediately respond to Ars’ request for comment, but he told Wired on Friday that this paragraph was taken out of context.
"It would appear from what I’ve seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others," he said, declining to elaborate further.
originally posted by: fleabit
So he hacked the engine control by way of the entertainment system?
Is that possible with -any- system on any plane in existence? I find it extremely hard to believe.
- Bridge Between Ethernet, MIL-STD-1553, and/or ARINC 429
- Remote Access to 429 or 1553 Data via Ethernet
- Low Power 1GHz Intel Atom Processor