With air-related travel security at an all-time high, a security expert and pilot reveals that airplanes can be hijacked with help of an Android phone and additional software that can take advantage of the dated airplane computer systems.
Talking at the Hack In The Box Conference in Amsterdam, the Netherlands, Hugo Teso – an IT security expert and trained commercial pilot, with extensive experience in both fields – has revealed that current airplanes are susceptible to malicious attacks that could let hackers take “complete control” of aircrafts with help of a mobile device.
Teso used his knowledge about aviation computer systems and communication protocols security to develop software that would install itself on the on-board computer (SIMON) as well as a simple Android app that would then let a hacker control various aspects of the plane (PlaneSploit).
The two airplane security technologies Teso took advantage of are the Automatic Dependent Surveillance-Broadcast (ADS-B) and the Aircraft Communication Addressing and Reporting System (ACARS). Both of them are apparently “highly susceptible” to “a number of passive and active attacks.” Here’s what each of them is responsible for according to Net Security:
One of the two technologies he abused is the Automatic Dependent Surveillance-Broadcast (ADS-B), which sends information about each aircraft (identification, current position, altitude, and so on) through an on-board transmitter to air traffic controllers, and allows aircrafts equipped with the technology to receive flight, traffic and weather information about other aircrafts currently in the air in their vicinity.SIMON is a framework that works only in a virtual environment created with help of software and hardware products for this purpose by Teso to simulate real life scenarios. Once deployed, it’s apparently untraceable, and allows the hacker to upload other software to the “Flight Management System [FMS] (computer unit + control display unit)” on a plane and then further control the aircraft remotely with help of the Android app.
The other one is the Aircraft Communications Addressing and Reporting System (ACARS), which is used to exchange messages between aircrafts and air traffic controllers via radio or satellite, as well as to automatically deliver information about each flight phase to the latter.
- Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane’s course.
- Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
- Visit ground: Crash the airplane.
- Kiss off: Remove itself from the system.
- Be punckish: A theatric way of alerting the pilots that something is seriously wrong – lights start flashing and alarms start buzzing.
As for airplane industry, it would appear that it’s aware of these security issues. Teso informed companies of his security research thus far, and it looks like they will work with him in the future, probably to patch vulnerabilities. The newer the airplanes, the easier for their software to be updated, but some systems dating back to the 1970s could be almost impossible to fix.
With all that in mind, we can only appreciate the way modern mobile technology has been used to discover and address such security issues related to an industry where security is of utmost importance.
Thanks, Zeljka!
Source:Net Security
Android themes
Android tablet themes
What is the best tablet
best ipad games
iphone themes
0 nhận xét :
Post a Comment