Airplane crash-detection systems could be vulnerable to hackers

Aviation experts across the U.S. are warning that hackers could create a new risk for fliers: The system used on airplanes to warn pilots of impending collisions is vulnerable to attack. This announcement adds a new element to an aviation industry that has had a slew of recent problems, including the fatal crash in Washington, D.C., earlier this year and a series of blackouts at New Jersey's Newark Liberty International Airport.

The system in question has long been used to avoid collisions in the skies and is standard on modern airplanes. But this new vulnerability has some pilots worried.

What is this system?

The Traffic Collision Avoidance System (TCAS) is required on all U.S. passenger airplanes and "alerts pilots when two aircraft come dangerously close to each other," said The New York Times. If the two airplanes come within a certain proximity, TCAS "will alert pilots to a possible crash by instructing them to redirect their aircraft, either by climbing or descending."

The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

The system is not perfect, as evidenced by the mid-air crash in Washington, D.C., in January, which "sparked urgent concerns about air traffic safety" and made people question if TCAS "failed to warn the pilots of the jetliner in time," said Newsweek. Nonetheless, TCAS is a key safety feature, as the system "has been in use for decades and experts say it has significantly reduced collisions," said the Times.

How vulnerable is the system?

If hackers were to gain access to an airplane's TCAS, the "successful exploitation of these vulnerabilities could allow an attacker to manipulate safety systems and cause a denial-of-service condition," said the Cybersecurity and Infrastructure Security Agency. Hackers may be able to generate "spoofed location data" that could "lead to the appearance of fake aircraft on displays and potentially trigger undesired" TCAS warnings.

There are several unconfirmed instances in which this may have already happened. During one notable event on March 1, "more than a dozen planes inbound for Reagan [National Airport] experienced" TCAS warnings, said Intelligencer. As the planes flew closer to the airport, several "audio alarms unexpectedly went off: 'Traffic, traffic!' or 'Descend, descend!'" But the "flight crews realized that nothing was there. Visibility was good." This wasn't unprecedented, as "civil aviation around the world has experienced a growing number of similarly troubling incidents."

The "half-dozen airliners who received the alerts in short succession reacted as they had been trained to do: They followed the computer-generated commands that told them to climb or dive," said The Telegraph. Pilots are worried that the TCAS which "falsely told those pilots that a collision was imminent was not only deliberately spoofed," but that "malicious people around the world" may have been responsible.

The idea of a TCAS hack "scares the shit out of me," one pilot told The Telegraph. Still, not everyone feels that a hack is all that likely. In prior years, pilots "would often see things like miscalibrated transponders on a light aircraft, misreporting and then broadcasting the wrong data and causing weird alerts," Ken Munro, a member of the cybersecurity firm Pen Test Partners, said to the outlet. It is nevertheless "technically possible" for TCAS to be hacked, Munro said, as others have admitted. Pilots "know these attacks exist, but we don't know what would happen if they occurred," said Matt Smith, who performed a TCAS study for the U.K.'s Oxford University.