It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
A connection between the avionics system and the IFE does exist. But there's a caveat.
Soucie and Lemme say the connection allows for one-way data communication only. The systems are connected through an ARINC 429 data bus that feeds information from the avionics to the IFE about the plane's latitude, longitude and speed. The IFE uses this to populate the animated map passenger's can use to track the plane's movement.
"On every airplane it’s done a little differently and is done in a proprietary way," Lemme says. But in each case, the ARINC 429 is an output-only hub that allows data to flow out from the avionics system but not back to it, he says. To talk back would require a second input bus. "I can't think of why there would ever be an interface like this. If it’s out there, I haven’t heard of it."
...
Lemme says this doesn't matter, though. Even if data were transmitted from the inflight system back to the avionics system, the latter would know not to accept it, since rules programmed into the avionics system would tell it that the inflight system is untrustworthy and shouldn't be sending it data.
Link
He told the FBI that the period in which he accessed the in-flight networks more than a dozen times occurred between 2011 and 2014. The affidavit, however, does not indicate exactly which flight he allegedly caused to turn to fly to the side. He obtained physical access to the networks through the Seat Electronic Box, or SEB. These are installed two to a row, on each side of the aisle under passenger seats, on certain planes. After removing the cover to the SEB by "wiggling and Squeezing the box," Roberts told agents he attached a Cat6 ethernet cable, with a modified connector, to the box and to his laptop and then used default IDs and passwords to gain access to the inflight entertainment system. Once on that network, he was able to gain access to other systems on the planes. Reaction in the security community to the new revelations in the affidavit have been harsh. Although Roberts hasn't been charged yet with any crime, and there are questions about whether his actions really did cause the plane to list to the side or he simply thought they did, a number of security researchers have expressed shock that he attempted to tamper with a plane during a flight.
Russian hackers have won remote access to the control rooms of many US power suppliers, the Wall Street Journal reports. The access could have let them shut down networks and cause blackouts, US officials told the newspaper. The state-backed hackers won access even though command centre computers were not directly linked to the web. The attacks succeeded by targeting smaller firms which supply utilities with other services. The group behind the attacks, known as Dragonfly or Energetic Bear, has been traced to Russia and had racked up "hundreds of victims", said the Department of Homeland Security (DHS). The attacks are ongoing, it added. The hackers seem to have used tightly-targeted attacks to compromise the corporate networks of suppliers, The attacks used emails sent to senior staff or sought to make them visit spoofed or hacked social media sites, Once the groups won access, they carried out detailed reconnaissance to familiarise themselves with how plants and power systems worked.
GAO: Newer aircraft vulnerable to hacking
By Matthew Hoye and Rene Marsh, CNN
Updated 9:53 PM ET, Tue April 14, 2015
Government warning: New planes vulnerable to hackers
Washington (CNN)Hundreds of planes flying commercially today could be vulnerable to having their onboard computers hacked and remotely taken over by someone using the plane's passenger Wi-Fi network, or even by someone on the ground, according to a new report from the Government Accountability Office.
One of the authors of the report, Gerald Dillingham, told CNN the planes include the Boeing 787 Dreamliner, the Airbus A350 and A380 aircraft, and all have advanced cockpits that are wired into the same Wi-Fi system used by passengers.
"Modern communications technologies, including IP connectivity, are increasingly used in aircraft systems, creating the possibility that unauthorized individuals might access and compromise aircraft avionics systems," according to the report, which is based on interviews with cybersecurity and aviation experts.
The government investigators who wrote the report say it is theoretically possible for someone with just a laptop to:
-- Commandeer the aircraft
-- Put a virus into flight control computers
-- Jeopardize the safety of the flight by taking control of computers
-- Take over the warning systems or even navigation systems
Dillingham says although modern aircraft could be vulnerable, there are a number of redundancy mechanisms built into the plane systems that could allow a pilot to correct a problem.