Stories
Slash Boxes
Comments

SoylentNews is people

Potential Hack for Some Boeing Planes Fixed

posted by janrinok on Monday August 15 2022, @11:34PM   Printer-friendly
from the airplane-patch-Tuesday dept.
News

upstart writes:

Potential hack for some Boeing planes fixed:

A digital vulnerability in the computer systems used on some Boeing Co aircraft that could have allowed malicious hackers to modify data and cause pilots to make dangerous miscalculations has been fixed, security researchers said on Friday, Trend reports with reference to Reuters.

Older versions of a digital tool used to calculate landing and take-off speeds on some aircraft could be tampered with by hackers with direct access to an "Electronic Flight Bag," or EFB, a tablet device used by pilots to plan flights, cybersecurity firm Pen Test Partners said in a report.

"If data modification occurs, and the resulting miscalculations are not detected during the crew's required cross check or verification process, an aircraft could land on a runway too short, or take off at incorrect speeds potentially resulting in a tail strike or runway excursion," said the report, which was presented at the DEF CON hacker convention in Las Vegas on Friday.

In a statement, Boeing said it was not aware of any airplane that had been affected by the issue, but had released a software update to address it.

Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Potential Hack for Some Boeing Planes Fixed | Log In/Create an Account | Top | 3 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: 3, Funny) by Immerman on Tuesday August 16 2022, @01:12PM

    by Immerman (3985) on Tuesday August 16 2022, @01:12PM (#1266957)

    Potential Hack for Some Boeing Planes Fixed

    So what I'm hearing is NOT that they fixed the vulnerability, but that their update got the hack working properly?

    Somehow that doesn't sound quite right...

  • (Score: 2) by Freeman on Tuesday August 16 2022, @01:24PM

    by Freeman (732) on Tuesday August 16 2022, @01:24PM (#1266960) Journal

    A plane shouldn't be easily modifiable. I.E. No over the air updates, etc. for key systems. In this case, a key tool used for planning a flight. Are these things connected to the internet and getting software updates over the air? That sounds like a nice big open gaping hole in their security.

    --
    Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"

  • (Score: 2) by Rich on Tuesday August 16 2022, @02:02PM

    by Rich (945) on Tuesday August 16 2022, @02:02PM (#1266968) Journal

    A malicious actor could just print a realistic looking paper map with wrong runway lengths and swap that with the one in the pilot's briefcase. (Coincidentally, Jeppesen, who are the major vendor for those, are a Boeing subsidiary). The fundamental difference is only that some attacks in the digital realm might not require physical access (the described attack does), leave fewer traces, and possibly be automatable to a greater scale with a large system breach. I think it would actually be easier to create a digital chain of trust if those kinds of attack have to be anticipated.

(1)