Skip to content

Hit enter to search or ESC to close

The aviation industry is grappling with cybersecurity. For years the industry, security and government officials have insisted it is impossible for hackers to infiltrate the cockpit network of a plane in flight from the ground.  Yet, according to the findings of a cybersecurity expert named, Ruben Santamarta, it is more than possible - because he did it.

Last Call for SATCOM security

According to Santamarta, he successfully hacked into an in-flight Wi-Fi network and satellite communication system from the ground.  He claims to have been able to access the Internet activity of passengers and garner access to important devices within the aircraft.  Based on his successful penetration of the airplane’s control system, Santamarta suggests that the same vulnerabilities could give hackers access to not only aircraft but ships, military personnel vehicles, and emergency services.  Santamarta will be publishing the details of his research at the 2018 BlackHat hacker conference in August.  His presentation is titled, “Last Call for SATCOM security” in which he will discuss how entire fleets of planes are accessible from the Internet. 

This is not the first time that Santamarta has spoken out about the vulnerabilities of the airline industry.  He first published his findings and theories in a report back in 2014 after he discovered numerous security flaws with SATCOM infrastructure.  His discovered flaws included hardcoded credentials, insecure protocols, backdoors and weak password reset features.  Like any elaborate network, these environments are made up of thousands of devices and thus the network is only as secure as the weakest link.  One of the main vulnerabilities found by his team was that hackers could access the systems and run their own code or install the malicious firmware, thus compromising it.  Once any of the onboard devices are compromised, an attacker would be able to wreak havoc.  A hacker could spoof messages and trick a plane or ship to follow a designated path or disrupt communications.

If a device can be accessed, it can be compromised

An open Wi-Fi network requires no form of authorization or authentication. Any user with a device supporting Wi-Fi can access them and use the connectivity offered by the network. Though he admits that a hacker would have to have some knowledge of the inherent firmware weaknesses and how to exploit them, if a hacker can reach the device, he or she can compromise it.  Santamarta states that although some of his discovered vulnerabilities in the 2014 report have been addressed by vendors, many have not.  He also claims that adversaries could take advantage of these exploits to reveal NATO bases in conflict zones.  "The satcom environment right now is really a mess,” says Santamarta.  "It's really worrying me what I am seeing in this area."

Hacking in-flight entertainment systems

Santamarta is not the first person claiming to have penetrated the control system of an airplane.  In 2015, a security researcher named Chris Roberts told the FBI in an interrogation interview that he was able to hack into various in-flight entertainment systems from his airline seat more than a dozen times over a three-year period.  According to an FBI, Roberts stated that he had briefly commandeered a plane during one of those flights.  Although his actions were deemed irresponsible, he was not charged with a crime.

Boeing 747 hacked

On November 8 at the 2017 CyberSat Summit, Robert Hickey, an aviation program manager with the Department of Homeland Security delivered the keynote address in which he unveiled the news that he successfully hacked into a parked Boeing 747 on September 19, 2016.  The incident took place at the Atlantic City International Airport in New Jersey.  Hickey said he and his team of experts were able to remotely access the plane’s cockpit and perform a non-cooperative penetration to take full control of its flight functions.  Hickey had already shared the details of his hack with the DHS and they remain classified. 

Back in March, the Department of Homeland Security and the Federal Bureau of Investigation issued an alert that Russian state-sponsored hackers had been found infiltrating the U.S. civilian aviation industry as part of the broad assault on the nation’s sensitive infrastructure (power grids were also heavily targeted.  The airline industry is a prime target for state-sponsored hackers as a disruption to the aircraft systems could have enormous economic and psychological effects.  The exposure of aircraft and the aviation industry at large to cyber terrorists and malicious hackers cannot be ignored.  The truth is out there and the growing evidence can no longer be ignored.  

Public Wi-Fi Security

Airlines  (in fact all providers of public Wi-Fi) have a responsibility to provide a secure, password-protected service. An open WI-FI  network will at some point be used as a beach-front to attack.

An open unfiltered Wi-Fi network is an invitation to attack your users, data, privacy and data integrity. A successful attack could result in: 
•    Total loss of customer data privacy
•    Total loss of customer data integrity
•    Total loss of data customer confidentiality
•    In some parts of the world, it's illegal to not protect your customers' data
•    The company networks can be attacked by anyone using that network
•    Serious brand reputation and resulting costs and implications
•    Potential litigation

Unsecured Wi-Fi on flights allows hackers to employ the same tactics they use on the ground. And in many ways, it actually makes it easier. For smart airlines and businesses offering free Wi-Fi, this is an opportunity to attract potential customers and retain existing customers. For these organizations offering secure Wi-Fi is a differentiator….something to think about!       

Talk to our Team today

Talk to our Team today