Can a plane be hacked?
US Homeland Security issues warning over vulnerabilities for small aircraft
Flight systems on small planes are vulnerable to hacking if an intruder gains physical access to the aircraft, the US Department of Homeland Security warned this week.
Plane owners are being advised to restrict unauthorised access to their planes until a safeguard is developed by the industry.
So how can a small plane be hacked?
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Rapid7, a cybersecurity company based in Boston, “found that an attacker could potentially disrupt electronic messages transmitted across a small plane’s network, for example by attaching a small device to its wiring, that would affect aircraft systems”, reports the Associated Press (AP).
Engine readings, compass data, altitude and other readings “could all be manipulated to provide false measurements to the pilot”, according to the newly issued Homeland Security alert.
The department is urging manufacturers to review how they implement open electronics systems know as the Controller Area Network, or CAN bus.
Danish developer CSS Electronics describes the CAN bus as “the nervous system, enabling communication between all parts of the body”. Originally developed by Robert Bosch in 1986, it allows parts of a machine to “communicate with each other without complex dedicated wiring in between”, and “this allows for several features to be added via software alone”, says the CSS website.
As such, a hacker could hijack the CAN bus to take over the aircraft, says AP.
The US Federal Aviation Administration (FAA) has issued a statement saying that a scenario where someone has unrestricted physical access to a plane is unlikely, but that the report was “an important reminder to remain vigilant” about physical and cybersecurity aircraft procedures.
What about larger planes?
“The Rapid7 report focused only on small aircraft, because their systems are easier for researchers to acquire. Large aircraft frequently use more complex systems and must meet additional security requirements,” explains AP.
Most airports have security to restrict unauthorised access and no evidence has been found as yet to suggest that the vulnerability has been exploited.
Nevertheless, Robert Hickey, a US Department of Homeland Security official, was able to hack into the systems of a Boeing 757 at an airport in Atlantic City in September 2016. The worrying feat took him just two days, without any insider help or being onboard, using “typical stuff that could get through security”, he said.
The Financial Times reports that Hickey waited a year to “drop his bombshell”, at a conference in Virginia, and “gave scant detail about what had been accessed and how - for obvious security reasons”.
Despite the lack of information about his methods, “his revelation has raised serious questions about aviation’s exposure to cyberattack as aircraft, airports and air traffic control systems become increasingly reliant on digital systems”, the newspaper notes.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
2024: the year of romantasies
In the Spotlight A generation of readers that grew up on YA fantasy series are getting their kicks from the spicy subgenre
By Theara Coleman, The Week US Published
-
US won its war on 'murder hornets,' officials say
Speed Read The announcement comes five years after the hornets were first spotted in the US
By Peter Weber, The Week US Published
-
California declares bird flu emergency
Speed Read The emergency came hours after the nation's first person with severe bird flu infection was hospitalized
By Rafi Schwartz, The Week US Published
-
Senate passes FAA bill with new consumer protections
Speed Read The legislation will require airlines to refund customers for flight delays
By Peter Weber, The Week US Published
-
Boeing facing more questions after mid-air panel blowout
Speed Read US authorities ground latest Max 737 jets after 'catastrophic' crashes involving older models
By Rebekah Evans, The Week UK Published
-
The Week Unwrapped: Factories, drug money and scanners
podcast Will a UK lawsuit lead to better working conditions in Thailand? Could a new way of funding antibiotics help tackle resistance? And is airline security about to change for the better?
By The Week Staff Published
-
The Week Unwrapped: Chinese protests, supersonic jets and university cheats
podcast Will mortgage strikes force China to change course? Does Concorde finally have a worthy successor? And what’s behind a rise in cheating?
By The Week Staff Published
-
American Airlines confirms UFO encounter
feature And other stories from the stranger side of life
By Chas Newkey-Burden Published
-
Business Unwrapped: clean growth
feature How a new breed of battery will help to power a lower-emission economy
By The Week Staff Published
-
Toxic flying: how safe is the air inside plane cabins?
In Depth Union preparing to take four airlines to court over ‘fume events’ in the sky
By The Week Staff Published
-
The Week Unwrapped podcast: Autopilot security, Apple’s pivot and candid weddings
In Depth How hard is it to hack an airliner? Have we reached peak iPhone? And would you trust a low-fi wedding photographer?
By The Week Staff Published