posted on Apr, 13 2013 @ 12:42 PM
Now we're getting into the realm of sci-fi terrorism. This article highlights the uses of the android smartphone, and how it can be used to exploit
the flight controls of an airplane. I know there are a lot of aviation experts, and I'm eager to hear their take on this, the potential risks
involved, and the best methods to combat a scenario like this.
An airplane’s flight controls can be hijacked by simply using an Android smartphone, a presentation at a security conference in Amsterdam on
Hugo Teso — a security consultant at the German information technology firm n.runs — demonstrated that he could remotely take over an aircraft’s
flight controls using an Android smartphone app, a radio transmitter and flight management software he purchased on eBay.
Teso, reported Help Net Security, was able to access various systems on the aircraft that talk to air traffic controllers via radio and satellite.
Those systems are insecure, he noted.
Then, through the Android app that Teso built, called PlaneSploit, a hijacker can alter the course of the plane’s flight, crash the plane, or set
off alarms and lights in the cockpit to harass the pilot.
Because taking over a physical plane would be “too dangerous and unethical”, said Teso to the Hack in the Box conference attendees in Amsterdam,
he built a virtual lab where he could test the hypothesis, which he demonstrated at the conference.
Teso also noted on his website that since this is a “very sensitive study,” he “will not release exploits or vulnerabilities that can be used
against aircraft irresponsibly.”
“That is not the goal of this series, it is intended to illustrate the process to study an unusual system, display the status of its safety and
learn as much as possible in the process,” said Teso.
Teso, who is also a commercial pilot, presented his findings at the conference as the culmination of four years of research. He wrote on his website
that at the time he began his research, he had been studying SCADA (supervisory control and data acquisition) system security.
SCADA systems are industrial computer systems that control industrial processes like manufacturing, power and water treatment.
Manned aircraft aren’t the only flying system whose controls can be hacked.
A research team at University of Texas at Austin hacked a drone in June 2012 in response to a dare by DHS. The research team managed to hack the
drone’s GPS system with a GPS spoofing device that cost $1,000.
So, he demonstrated the process virtually, using an app he created. His purpose isn't to give out vital information on how to exploit planes, but
uses it as a demonstration that will allow officials to learn how it works, and how to fix it. It also mentions that this method will also work on
Drones as well by using a GPS spoofing device that can be purchased on the cheap also.
He used commonly purchased items to achieve this, hopefully they will get this sorted out quickly, and this won't encourage more cyber terrorism. The
future is scary indeed.