The screaming headlines about the potential for hacking into the control systems of a passenger jet are true. No reported proof-of-concept demonstration, yet, but consider these sources:
GAO, not part of the tin-hat crowd, publishes: Air Traffic Control: FAA Needs a More Comprehensive Approach to Address Cybersecurity As Agency Transitions to NextGen. GAO-15-370.
Fifty-six (56) pages of interesting stuff but the summary clues you in:
…
Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems. As part of the aircraft certification process, FAA’s Office of Safety (AVS) currently certifies new interconnected systems through rules for specific aircraft and has started reviewing rules for certifying the cybersecurity of all new aircraft systems.
…
How “…potentially provide unauthorized remote access to aircraft avionics systems?” On page 19, the GAO diagrams the separation between avionics and the Wi-Fi network:
One Ethernet router between you and the avionics network.
The avionics software between you and control over the flight surfaces of the airplane.
Just me but Ethernet routers aren’t typically all that difficult to hack. The avionics software and its security isn’t known to me so may be the harder of the two tasks. Certainly not a script kiddie attack, at least not the first time.
The first person I saw pointing out the GAO diagrams with the Ethernet router was Paul Ducklin in Could a hacker *really* bring down a plane from a mobile phone in seat 12C?. So much for the “separation” of the avionics and the Wi-Fi. It’s there, but a robust solution.
Just another factoid but On Hacking A Passenger Airliner (GAO report) by Herb Lin appeared yesterday but today the page is missing. You can search for it and find the link, but following the link says the page is not found.
I would not mention that except that Malia Zimmerman reports in: Security expert pulled off flight by FBI after exposing airline tech vulnerabilities that:
One of the world’s foremost experts on counter-threat intelligence within the cybersecurity industry, who blew the whistle on vulnerabilities in airplane technology systems in a series of recent Fox News reports, has become the target of an FBI investigation himself.
Chris Roberts of the Colorado-based One World Labs, a security intelligence firm that identifies risks before they’re exploited, said two FBI agents and two uniformed police officers pulled him off a United Airlines Boeing 737-800 commercial flight Wednesday night just after it landed in Syracuse, and spent the next four hours questioning him about cyberhacking of planes.
The FBI interrogation came just hours after Fox News published a report on Roberts’ research, in which he said: “We can still take planes out of the sky thanks to the flaws in the in-flight entertainment systems. Quite simply put, we can theorize on how to turn the engines off at 35,000 feet and not have any of those damn flashing lights go off in the cockpit.”
His findings, along with those of another security expert quoted in the Fox News reports, were backed up a GAO report released Tuesday.
…
Which leads me to conclude that:
The FBI watches Fox News!
That explains so much about the state of domestic security.
Let’s hope Chris Roberts bills the FBI for his time. Consultants have nothing to sell but their time and his seizure by the FBI is likely an expropriation of property without due process of law. Chris is under no obligation to help extract the airlines or law enforcement from their current dilemmas for free.
PS:
Thomas Fox-Brewster (Forbes), Pilot: US Government Claims Of Plane Wi-Fi Hacking Wrong And Irresponsible, managed to locate a pilot to disagree with the GAO report.
Ironically since SANS Institute was quick to jump on the Forbes report as demonstrating the incompetence of the GAO. I say ironically because the diagram from the GAO on page 19, fits the facts where Fox-Brewster says:
There have been some cases, however, where networks have not been properly segmented, potentially leaving open vulnerabilities. Seven years ago, it emerged the flight control and infotainment networks on Boeing 787 aircraft were connected, with only a firewall blocking malicious traffic between the two. If that’s still the case, then there’s at least something to worry about.
Err, that is the case being illustrated on page 19. I expect better from SANS than scanning Forbes for agreement and dissing the GAO on that basis.
What would be helpful would be wiring diagrams of airline networking and avionic systems. Pointers anyone? The alternative is to listen to “its true,” “its not true,” sort of debates for months.
[…] Hacking a Passenger Jet (No Fooling) (+ FBI Watches Fox … […]
Pingback by FBI goes after security expert that FBI uses » Musings of the Angry Webmaster — April 19, 2015 @ 9:31 am