MOSCOW, August 5 (RIA Novosti) — Passenger jet security systems could be susceptible to cyber-attacks, as cybersecurity researcher Ruben Santamarta claims to have found a way to access the airplanes satellite communications through WIFI and inflight entertainment systems, Reuters reported earlier this week.
“These devices are wide open. The goal of this talk is to help change that situation,” he told the news agency.
Ruben Santamarta will reveal all the details of his latest study at the Black Hat hacking conference in Las Vegas, Nevada. This annual meeting houses thousands of hackers and security experts that report the most recent cyber threats and find ways of preventing them.
According to Santamarta, the vulnerabilities were discovered in specialized software, known as firmware. Firmware is used by multiple hardware producers such as Cobham Plc, Harris Corp, EchoStar Corp’s Hughes Network Systems, Iridium Communications Inc, Japan Radio Co Ltd.
By decoding firmware, hackers can potentially interfere with the planes navigation and safety systems, Reuters reported.
The manufactures, however, remain skeptical about Santamarta’s discovery, stressing that the risk of intrusion into the aircraft’s communication software through WIFI and inflight entertainment systems is overestimated.
“We concluded that the risk of compromise is very small,” announced Harris Corp spokesperson Jim Burke, cited by Reuters, after examining Santamartas 25-page research report. Iridium Communications Inc. representative Diane Hockenberry believes “that the risk to Iridium subscribers is minimal,” however, the company is taking security measures to protect its users from a potential cyber invasion.
Cybersecurity researchers have previously claimed to have found a way to interfere with onboard electronic systems. Last year The Telegraph wrote an article about hacker Hugo Teso, who tried to hijack an aircraft with an Android application. During the Hack in the Box conference in Amsterdam, Hugo Teso demonstrated his “PlaneSploit” app designed to break into an aircraft’s flight control system. According to Teso, hackers could gain control of a plane using the “PlaneSpoilt” app when the “autopilot” system was on.
However, the US Federal Aviation Authority (FAA) refuted the cybersecurity researcher’s assertions, claiming that the app cannot prevent the pilot from turning off the “autopilot” mode. Moreover, the app was only tested in virtual environments and never on a real plane, The Telegraph reported.