As the Federal Aviation Administration (FAA) continues to spend tens of billions on developing and upgrading their air traffic control systems, a European hacker showcased a malicious code framework and a cellular phone app that could theoretically be used to hijack a plane in flight. The impressive, yet sobering revelation came at the Hack in the Box security conference in Amsterdam, the Netherlands on Wednesday. The hacker, a German security consultant and commercial pilot of 12 years named Hugo Teso, demonstrated to an assembled conference crowd how his developed tools could access the onboard computer and take command of a Boeing jet in flight.
Teso’s code, named SIMON, is a framework that can be used to exploit a plane’s security system and it can be used in conjunction with a radio transmitter and an application named PlaneSploit developed to be used with a simple Android cell phone. Deeming the accessing and controlling of a real plane to be unethical and far too dangerous, Teso demonstrated the potential hacking danger using flight management hardware he purchased on EBay and flight-simulator software. According to Help Net Security analysts, Teso’s program execution and results in his laboratory demonstration were “absolutely the same as they would be in an actual real-world scenario.”
In the eye-opening demonstration the crowd was shown how with simple screen taps, a hacker could input information into a plane’s onboard computer, turn lights off and on, adjust speed and altitude, drop oxygen masks in the cabin areas, and even reset the plane’s course. This technology could easily be used to set the plane on a crash course by setting it into the path of another plane or tapping a preprogrammed command like “Visit Ground.”
Teso said the development and the demonstration were designed to raise red flags to the FAA that their systems, even the new multi-billion dollar NextGen Air Transportation System which uses GPS technology instead of radar to track planes, are vulnerable to electronic attacks. “This is a remarkable example of technology evolution – ten years ago we barely had [phones] with a color screen, today we can use them to hack aircrafts,” said Help Net Security in a blog post.
It is important to note that this method of hijacking and controlling an active aircraft depends on the plane being on autopilot. Pilots could fight off the hijack attempt and regain control of the aircraft by simply switching to analog controls. The problem therein is that the majority of planes now are without analog controls, and as Teso pointed out, it also depends on the pilots noticing that the control of the aircraft has been compromised in the first place.
Teso, after testing his code and software in repeated simulations, contacted the companies who are responsible for the technology he exploited to warn them about their vulnerabilities. According to him, the companies were very receptive to his findings. He has also reached out to aviation safety and security officials on both sides of the Atlantic briefing them on the potential dangers. His intention was to point out the vulnerabilities and not offer potential hijackers a blueprint. To this end, he did not share certain secrets about his developed technology or specific details on the vulnerabilities in the systems he was able to exploit. “From the sound of things, this researcher has got himself a lot of media attention, but still believes in responsible disclosure, rather than potentially putting aircraft and passengers at risk,” said Sophos Security analyst Graham Cluley.