Aviation experts across the U.S. are warning that hackers could create a new risk for fliers: The system used on airplanes to warn pilots of impending collisions is vulnerable to attack. This announcement adds a new element to an aviation industry that has had a slew of recent problems, including the fatal crash in Washington, D.C., earlier this year and a series of blackouts at New Jersey's Newark Liberty International Airport.
The system in question has long been used to avoid collisions in the skies and is standard on modern airplanes. But this new vulnerability has some pilots worried.
What is this system?
The Traffic Collision Avoidance System (TCAS) is required on all U.S. passenger airplanes and "alerts pilots when two aircraft come dangerously close to each other," said The New York Times. If the two airplanes come within a certain proximity, TCAS "will alert pilots to a possible crash by instructing them to redirect their aircraft, either by climbing or descending."
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The system is not perfect, as evidenced by the mid-air crash in Washington, D.C., in January, which "sparked urgent concerns about air traffic safety" and made people question if TCAS "failed to warn the pilots of the jetliner in time," said Newsweek. Nonetheless, TCAS is a key safety feature, as the system "has been in use for decades and experts say it has significantly reduced collisions," said the Times.
How vulnerable is the system?
If hackers were to gain access to an airplane's TCAS, the "successful exploitation of these vulnerabilities could allow an attacker to manipulate safety systems and cause a denial-of-service condition," said the Cybersecurity and Infrastructure Security Agency. Hackers may be able to generate "spoofed location data" that could "lead to the appearance of fake aircraft on displays and potentially trigger undesired" TCAS warnings.
There are several unconfirmed instances in which this may have already happened. During one notable event on March 1, "more than a dozen planes inbound for Reagan [National Airport] experienced" TCAS warnings, said Intelligencer. As the planes flew closer to the airport, several "audio alarms unexpectedly went off: 'Traffic, traffic!' or 'Descend, descend!'" But the "flight crews realized that nothing was there. Visibility was good." This wasn't unprecedented, as "civil aviation around the world has experienced a growing number of similarly troubling incidents."
The "half-dozen airliners who received the alerts in short succession reacted as they had been trained to do: They followed the computer-generated commands that told them to climb or dive," said The Telegraph. Pilots are worried that the TCAS which "falsely told those pilots that a collision was imminent was not only deliberately spoofed," but that "malicious people around the world" may have been responsible.
The idea of a TCAS hack "scares the shit out of me," one pilot told The Telegraph. Still, not everyone feels that a hack is all that likely. In prior years, pilots "would often see things like miscalibrated transponders on a light aircraft, misreporting and then broadcasting the wrong data and causing weird alerts," Ken Munro, a member of the cybersecurity firm Pen Test Partners, said to the outlet. It is nevertheless "technically possible" for TCAS to be hacked, Munro said, as others have admitted. Pilots "know these attacks exist, but we don't know what would happen if they occurred," said Matt Smith, who performed a TCAS study for the U.K.'s Oxford University.
-
October 19 editorial cartoonsCartoons Sunday's editorial cartoons include Pete Hegseth and the press, an absence of government, and George Washington crossing the Delaware
-
A little-visited Indian Ocean archipelagoThe Week Recommends The paradise of the Union of the Comoros features beautiful beaches, colourful coral reefs and lush forests
-
AI: is the bubble about to burst?In the Spotlight Stock market ever-more reliant on tech stocks whose value relies on assumptions of continued growth and easy financing
-
Who are the new-wave hackers bringing the world to a halt?The Explainer Individual groups and nations are beginning to form concerning partnerships with new ways to commit cybercrime
-
AI workslop is muddying the American workplaceThe explainer Using AI may create more work for others
-
Jaguar Land Rover’s cyber bailoutTalking Point Should the government do more to protect business from the ‘cyber shockwave’?
-
Is the UK government getting too close to Big Tech?Today’s Big Question US-UK tech pact, supported by Nvidia and OpenAI, is part of Silicon Valley drive to ‘lock in’ American AI with US allies
-
'Vampire energy' could be causing your electric bill to riseUnder the Radar Wasted energy could account for up to 10% of home use
-
South Korea's divide over allowing Google MapsTalking Points The country is one of few modern democracies where the app doesn't work
-
Broken brains: The social price of digital lifeFeature A new study shows that smartphones and streaming services may be fueling a sharp decline in responsibility and reliability in adults
-
Deep thoughts: AI shows its math chopsFeature Google's Gemini is the first AI system to win gold at the International Mathematical Olympiad
