Flight systems on small planes are vulnerable to hacking if an intruder gains physical access to the aircraft, the US Department of Homeland Security warned this week.
So how can a small plane be hacked?
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Rapid7, a cybersecurity company based in Boston, “found that an attacker could potentially disrupt electronic messages transmitted across a small plane’s network, for example by attaching a small device to its wiring, that would affect aircraft systems”, reports the Associated Press (AP).
Engine readings, compass data, altitude and other readings “could all be manipulated to provide false measurements to the pilot”, according to the newly issued Homeland Security alert.
The department is urging manufacturers to review how they implement open electronics systems know as the Controller Area Network, or CAN bus.
Danish developer CSS Electronics describes the CAN bus as “the nervous system, enabling communication between all parts of the body”. Originally developed by Robert Bosch in 1986, it allows parts of a machine to “communicate with each other without complex dedicated wiring in between”, and “this allows for several features to be added via software alone”, says the CSS website.
As such, a hacker could hijack the CAN bus to take over the aircraft, says AP.
The US Federal Aviation Administration (FAA) has issued a statement saying that a scenario where someone has unrestricted physical access to a plane is unlikely, but that the report was “an important reminder to remain vigilant” about physical and cybersecurity aircraft procedures.
What about larger planes?
“The Rapid7 report focused only on small aircraft, because their systems are easier for researchers to acquire. Large aircraft frequently use more complex systems and must meet additional security requirements,” explains AP.
Most airports have security to restrict unauthorised access and no evidence has been found as yet to suggest that the vulnerability has been exploited.
Nevertheless, Robert Hickey, a US Department of Homeland Security official, was able to hack into the systems of a Boeing 757 at an airport in Atlantic City in September 2016. The worrying feat took him just two days, without any insider help or being onboard, using “typical stuff that could get through security”, he said.
The Financial Times reports that Hickey waited a year to “drop his bombshell”, at a conference in Virginia, and “gave scant detail about what had been accessed and how - for obvious security reasons”.
Despite the lack of information about his methods, “his revelation has raised serious questions about aviation’s exposure to cyberattack as aircraft, airports and air traffic control systems become increasingly reliant on digital systems”, the newspaper notes.
-
Weapons: Julia Garner stars in 'hyper-eerie' psychological thrillerThe Week Recommends Zach Cregger's 'top notch' new film opens with 17 children disappearing at exactly the same time
-
Freakier Friday: Lohan and Curtis reunite for 'uneven' but 'endearing' sequelThe Week Recommends Mother-and-daughter comedy returns with four characters switching bodies
-
Al fresco art: the UK's best sculpture parksThe Week Recommends Soak up the scenery with a stroll through these open-air galleries
-
Hundreds die in Air India crash with 1 survivorSpeed Read The London-bound Air India Boeing 787 Dreamliner crashed soon after takeoff
-
Southwest joins rival airlines on paid baggageSpeed Read The company is ending its longtime free-luggage policy
-
Delta flight lands upside-down in Toronto, no deathsspeed read At least 18 people were injured in a flight that landed at Toronto's Pearson International Airport
-
Passenger jet, Blackhawk helicopter collide in DCSpeed Read An American Airlines flight with 64 people aboard collided with an Army helicopter, and no survivors have been found
-
Washington DC plane crash: how did mid-air collision happen?Today's Big Question Experts struggle to explain how sophisticated airspace control system failed to prevent deadly disaster
-
Senate passes FAA bill with new consumer protectionsSpeed Read The legislation will require airlines to refund customers for flight delays
-
Boeing facing more questions after mid-air panel blowoutSpeed Read US authorities ground latest Max 737 jets after 'catastrophic' crashes involving older models
-
The Week Unwrapped: Factories, drug money and scannerspodcast Will a UK lawsuit lead to better working conditions in Thailand? Could a new way of funding antibiotics help tackle resistance? And is airline security about to change for the better?
