Aviation experts across the U.S. are warning that hackers could create a new risk for fliers: The system used on airplanes to warn pilots of impending collisions is vulnerable to attack. This announcement adds a new element to an aviation industry that has had a slew of recent problems, including the fatal crash in Washington, D.C., earlier this year and a series of blackouts at New Jersey's Newark Liberty International Airport.
The system in question has long been used to avoid collisions in the skies and is standard on modern airplanes. But this new vulnerability has some pilots worried.
What is this system?
The Traffic Collision Avoidance System (TCAS) is required on all U.S. passenger airplanes and "alerts pilots when two aircraft come dangerously close to each other," said The New York Times. If the two airplanes come within a certain proximity, TCAS "will alert pilots to a possible crash by instructing them to redirect their aircraft, either by climbing or descending."
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The system is not perfect, as evidenced by the mid-air crash in Washington, D.C., in January, which "sparked urgent concerns about air traffic safety" and made people question if TCAS "failed to warn the pilots of the jetliner in time," said Newsweek. Nonetheless, TCAS is a key safety feature, as the system "has been in use for decades and experts say it has significantly reduced collisions," said the Times.
How vulnerable is the system?
If hackers were to gain access to an airplane's TCAS, the "successful exploitation of these vulnerabilities could allow an attacker to manipulate safety systems and cause a denial-of-service condition," said the Cybersecurity and Infrastructure Security Agency. Hackers may be able to generate "spoofed location data" that could "lead to the appearance of fake aircraft on displays and potentially trigger undesired" TCAS warnings.
There are several unconfirmed instances in which this may have already happened. During one notable event on March 1, "more than a dozen planes inbound for Reagan [National Airport] experienced" TCAS warnings, said Intelligencer. As the planes flew closer to the airport, several "audio alarms unexpectedly went off: 'Traffic, traffic!' or 'Descend, descend!'" But the "flight crews realized that nothing was there. Visibility was good." This wasn't unprecedented, as "civil aviation around the world has experienced a growing number of similarly troubling incidents."
The "half-dozen airliners who received the alerts in short succession reacted as they had been trained to do: They followed the computer-generated commands that told them to climb or dive," said The Telegraph. Pilots are worried that the TCAS which "falsely told those pilots that a collision was imminent was not only deliberately spoofed," but that "malicious people around the world" may have been responsible.
The idea of a TCAS hack "scares the shit out of me," one pilot told The Telegraph. Still, not everyone feels that a hack is all that likely. In prior years, pilots "would often see things like miscalibrated transponders on a light aircraft, misreporting and then broadcasting the wrong data and causing weird alerts," Ken Munro, a member of the cybersecurity firm Pen Test Partners, said to the outlet. It is nevertheless "technically possible" for TCAS to be hacked, Munro said, as others have admitted. Pilots "know these attacks exist, but we don't know what would happen if they occurred," said Matt Smith, who performed a TCAS study for the U.K.'s Oxford University.
-
What happens to a Democratic Party without Nancy Pelosi?TODAY'S BIG QUESTION The storied former speaker of the House is set to retire, leaving congressional Democrats a complicated legacy and an uncertain future
-
The plant-based portfolio diet focuses on heart healthThe Explainer Its guidelines are flexible and vegan-friendly
-
Gregory Bovino: the officer leading Border Patrol’s aggressive tacticsIn the Spotlight He has been referred to as the Border Patrol’s ‘commander-at-large’
-
Microsoft pursues digital intelligence ‘aligned to human values’ in shift from OpenAIUNDER THE RADAR The iconic tech giant is jumping into the AI game with a bold new initiative designed to place people first in the search for digital intelligence
-
‘Deskilling’: a dangerous side effect of AI useThe explainer Workers are increasingly reliant on the new technology
-
AI models may be developing a ‘survival drive’Under the radar Chatbots are refusing to shut down
-
Saudi Arabia could become an AI focal pointUnder the Radar A state-backed AI project hopes to rival China and the United States
-
Why Britain is struggling to stop the ransomware cyberattacksThe Explainer New business models have greatly lowered barriers to entry for criminal hackers
-
Wikipedia: Is ‘neutrality’ still possible?Feature Wikipedia struggles to stay neutral as conservatives accuse the site of being left-leaning
-
AI is making houses more expensiveUnder the radar Homebuying is also made trickier by AI-generated internet listings
-
Who are the new-wave hackers bringing the world to a halt?The Explainer Individual groups and nations are beginning to form concerning partnerships with new ways to commit cybercrime
