SoylentNews is people
SoylentNews
Aviation Today reports that the Boeing 757 is vulnerable to remote, non-cooperative, penetration.
A team of government, industry and academic officials successfully demonstrated that a commercial aircraft could be remotely hacked in a non-laboratory setting last year, a U.S. Department of Homeland Security (DHS) official said Wednesday at the 2017 CyberSat Summit in Tysons Corner, Virginia.
"We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration," said Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology (S&T) Directorate.
"[Which] means I didn't have anybody touching the airplane, I didn't have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft." Hickey said the details of the hack and the work his team are doing are classified, but said they accessed the aircraft's systems through radio frequency communications, adding that, based on the RF configuration of most aircraft, "you can come to grips pretty quickly where we went" on the aircraft.
...
[...]in March 2017, at a technical exchange meeting, he said seven airline pilot captains from American Airlines and Delta Air Lines in the room had no clue."All seven of them broke their jaw hitting the table when they said, 'You guys have known about this for years and haven't bothered to let us know because we depend on this stuff to be absolutely the bible,'" Hickey said.
Better late than never, hope is still alive, right?
"And I look at all of those and say, 'If we're not looking at those from a different perspective, we're going to miss the boat,' no pun intended," Hickey said. He said he doesn't know the answers yet for aircraft cyber infrastructure, adding that it's not a policy issue yet because more research needs to be done on these systems to understand what the issues are. Patching avionics subsystem on every aircraft when a vulnerability is discovered is cost prohibitive, Hickey said.
The cost to change one line of code on a piece of avionics equipment is $1 million, and it takes a year to implement. For Southwest Airlines, whose fleet is based on Boeing's 737, it would "bankrupt" them if a cyber vulnerability was specific to systems on board 737s, he said, adding that other airlines that fly 737s would also see their earnings hurt. Hickey said newer models of 737s and other aircraft, like Boeing's 787 and the Airbus Group A350, have been designed with security in mind, but that legacy aircraft, which make up more than 90% of the commercial planes in the sky, don't have these protections.
Aircraft also represent different challenges for cybersecurity and traditional land-based networks, Hickey said. He said that whether it's the U.S. Air Force or the commercial sector, there are no maintenance crews that can deal with ferreting out cyber threats aboard an aircraft.
"They don't exist in the maintenance world," Hickey said, noting that when he was in the Air Force, he commanded a logistics group. Hickey was also an airline pilot for more than 20 years. The chief information officers of airlines "don't know how to chase a cyber spark through an airplane either," Hickey said. "Why? Because they have been dealing with, and they're programmed to, and they do a great job of, protecting the terrestrial-based networks. Airplanes are absolutely different — crazy different."
Oh, well, so long for hope, I guess there'll be no patch Tuesday for this one.
(Score: 4, Insightful) by Knowledge Troll on Tuesday December 19 2017, @04:57PM (4 children)
I've been trying to figure out what they mean too.
I think this is worse than that case. Spoofing GPS and even remotely driving ships around with the spoofed signal was proven to work some time ago so I'm hoping this isn't just a rehash of that known thing. Additionally though is this comment: we were able to establish a presence on the systems of the aircraft. That indicates to me that they were able to penetrate into an aircraft system and use it to manipulate others.
My best guess at this point is that they were able to buffer overflow (or some similar concept) one of the information processing systems receiving data via RF. Given the pilot comments of we depend on this stuff to be absolutely the bible I suspect they were able to manipulate something like the artificial horizon. That could be catastrophically bad.
(Score: 4, Insightful) by bob_super on Tuesday December 19 2017, @05:41PM (2 children)
Planes routinely send maintenance / alert info via Sat links, not sure if those are bi-directional.
Onboard WiFi internet uses bi-di links, which you have to pray are fully isolated from the avionics (they should, but what about that debug port Joe forgot to close?)
My guess is the more advanced comms for airport data for auto landing are vulnerable.
(Score: 2) by Knowledge Troll on Wednesday December 20 2017, @03:08PM (1 child)
I don't think it's necessary to have bi-directional communication to do something like a buffer overflow though it would make the task much more difficult because of the missing feedback.
(Score: 2) by bob_super on Wednesday December 20 2017, @05:16PM
The Sat link is to send maintenance and alarms from the plane.
If it ain't bi-di, you ain't gettin' in.
(Score: 2) by frojack on Tuesday December 19 2017, @07:11PM
GPS navigation is relatively new on commercial aircraft. It wasn't even approved for use by the FAA until Alaska Airlines developed a pilot program in conjunction with Boeing and the FAA to certify it. (Only became common beginning 2008). It is still not widely deployed in legacy aircraft. Too expensive to modify the plane to add another antenna and a integrated GPS receiver.
Still, I suppose it could be related to GPS.
TFS mentions avionics, so it comes down to a limited set of things.
NO, it doesn't mean that.
It just means it can be used to influence the avionics system on the aircraft. Since the autopilot is part of the avionics system, this migh be something as simple as faking an ordinal from a VOR. [wikipedia.org] Or it might fake signals that affect any of the other avionics components. [wikipedia.org], such as messing with the radio altimeter signal return. [skybrary.aero]
You don't need to "penetrate" the aircraft nor "manipulate" any other systems over the radio. If you can cause an altimeter reading to be two high you can sucker an instrument approach pilot into reducing altitude too low. If you can cause a VOR radial or a localizer signal to be rotated you can cause an aircraft to slam into a mountain. [wikipedia.org]
No, you are mistaken. I've always had this sig.