Archive for the ‘Aviation’ Category

Hacking 90% of the Commercial Air Fleet

Sunday, November 12th, 2017

Short notice for the holiday travel season but 90% of the commercial air fleet can be hacked without insider or physical access.

Boeing 757 Testing Shows Airplanes Vulnerable to Hacking, DHS Says by Calvin Biesecker.

While the research is classified (making this a CTF type problem), Biesecker reports these broad hints:

“[Which] means I didn’t have anybody touching the airplane, I didn’t have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.” Hickey said the details of the hack and the work his team are doing are classified, but said they accessed the aircraft’s systems through radio frequency communications, adding that, based on the RF configuration of most aircraft, “you can come to grips pretty quickly where we went” on the aircraft.

The aircraft that DHS is using for its tests is a legacy Boeing 757 commercial plane purchased by the S&T branch. After his speech at the CyberSat Summit, Hickey told Avionics sister publication Defense Daily that the testing is with the aircraft on the ground at the airport in Atlantic City, New Jersey. The initial response from experts was, “’We’ve known that for years,’” and, “It’s not a big deal,” Hickey said.

But in March 2017, at a technical exchange meeting, he said seven airline pilot captains from American Airlines and Delta Air Lines in the room had no clue.

“All seven of them broke their jaw hitting the table when they said, ‘You guys have known about this for years and haven’t bothered to let us know because we depend on this stuff to be absolutely the bible,’” Hickey said.

Terminology for researching this issue can be found in Boeing 757 Operations Manual Volume 2, sections 5.40.1 and 5.50.1. Hardware for testing your hack can be found at one or more aircraft boneyards. Or you can always purchase new systems and advice.

No need to rush for fear of patching:

…Patching avionics subsystem on every aircraft when a vulnerability is discovered is cost prohibitive, Hickey said.

The cost to change one line of code on a piece of avionics equipment is $1 million, and it takes a year to implement. For Southwest Airlines, whose fleet is based on Boeing’s 737, it would “bankrupt” them if a cyber vulnerability was specific to systems on board 737s, he said, adding that other airlines that fly 737s would also see their earnings hurt. Hickey said newer models of 737s and other aircraft, like Boeing’s 787 and the Airbus Group A350, have been designed with security in mind, but that legacy aircraft, which make up more than 90% of the commercial planes in the sky, don’t have these protections.

Aircraft also represent different challenges for cybersecurity and traditional land-based networks, Hickey said. He said that whether it’s the U.S. Air Force or the commercial sector, there are no maintenance crews that can deal with ferreting out cyber threats aboard an aircraft.

No one checking for vulnerabilities and if discovered too expensive to fix?

Sounds like a hacker’s wet dream.

Have Orwell‘s pigs built their palaces out of straw?

PS: The meaning of “hack” when used by the DHS isn’t clear. It could mean bad temperature or location information, up to and including interference with flight control systems (highly unlikely). Interference with flight control systems is more likely to be a feature of the F-35.

OAG Launches Mapper, a New Network Analysis Mapping Tool

Wednesday, April 25th, 2012

OAG Launches Mapper, a New Network Analysis Mapping Tool

From the post:

OAG, a UBM Aviation brand, today unveiled its new aviation analysis mapping tool, OAG Mapper. This latest innovation, from the global leader in aviation intelligence, combines a powerful global flight schedule query with advanced mapping software technology to quickly plot route network maps, based on data drawn from OAG’s market leading schedules database of 1,000 airlines and over 3,500 airports. It is ideal for those in commercial, marketing and strategic planning roles across the airlines, airports, tourism, consulting and route network related industry sectors.

A web-based tool that eliminates the need to hand-draw network routes onto maps, OAG Mapper allows users to either import IATA Airport codes, or to enter a carrier, airport, equipment type or a combination of these and generate custom network maps in seconds. The user can then highlight key routes by changing the thickness and colour of the lines and label them for easy reference, save the map to their profile and export to jpeg for use in network planning, forecasting, strategy and executive presentations.

This has aviation professional written all over it.

And what does aviation bring to mind? that’s right! Coin of the realm! Lot of coins from lots of realms.

Two thoughts:

First and the most obvious, use this service in tandem with other information for aviation professionals to create enhanced services for their use. Ask aviation professional what they would like to see and how they would like to see it. (Novel software theory: Give users what they want, how they want it. Easier sell than educating them.)

Second, we have all seen the travel sites that plot schedules, fees, destinations, hotels and car rentals.

But when was the last time you flew to an airport, rented a car and stayed in a hotel? That was the sum total of your trip?

Every location in the world has more to offer than that, well, not the South Pole but they don’t have a car rental agency. Or any beach. So why go there?

Sorry, got distracted. Every location in the world (with one exception, see above) has more than airports, hotels and car rentals. Suggestion: Use topic maps (non-obviously) to create information/reservation rich information environments.

The Frankfurt Book Fair is an example of an event with literally thousands of connections to be made in addition to airport, hotel and car rental. Your application could be the one that crosses all the information systems (or lack thereof) to provide that unique experience.

Could hard code it but I assume you are brighter than that.

Airport Watch!

Saturday, December 17th, 2011

Airport Watch!

I ran across Private aircraft flight plans won’t be disclosed after all, says FAA, which reads in part:

The owners and operators of private aircraft won a reprieve on December 16 when the Federal Aviation Administration announced that it will continue to allow those owners and operators to keep confidential their plane’s tail numbers and flight plans, rather than have that sensitive information automatically disclosed as part of two nationwide public aviation information dissemination systems.

The FAA said it acted after Congress passed H.R. 2112, the bill that appropriates funds for the U.S. Department of Transportation for the balance of FY2012, which includes language that specifically bars the FAA from implementing any limitation on aircraft owners’ rights to have their aircraft data blocked.

I am really curious what is “sensitive” about plane tail numbers and flight plans? Unless “sensitive” includes taking junkets at the company’s expense, perhaps without their spouses, etc.

There is an alternative to having the FAA keep track, at least of the tail numbers. It would not be that hard to organize an Airport Watch along the lines of Neighborhood Watch. Just solicit volunteers with binoculars and digital images of the most common plane types, along with a web interface for entry of sightings of planes at their local airport with the time. If they want to take long range photos of anyone getting off the plane they can upload those as well.

The distance a particular plane can fly would set an outer limit on its first sighting. Uploading those to a web interface would give anyone, boss, spouse, etc., easy access to that information. And citizen watchdog groups, news media, etc.

Could support it with advertising and the occasional sale of data to the FAA when they have a CFIT (controlled flight into terrain).