Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Transportation IT

Calling Out a GAO Report That Says In-Flight Wi-Fi Lets Hackers Access Avionics 113

An anonymous reader writes A new report from the U.S. Government Accountability Office (GAO) warns that in-flight W-Fi, including wireless entertainment and internet-based cockpit communications, may allow hackers to gain remote access to avionics systems and take over navigation. At the same time, a cyber expert and pilot called the report "deceiving" and said that "To imply that because IP is used for in-flight WiFi and also on the avionics networks means that you can automatically take over the avionics network makes about as much sense as saying you can take over the jet engines because they breathe air like the passengers and there is no air gap between passengers who touch the plane and the engines which are attached to the plane."
This discussion has been archived. No new comments can be posted.

Calling Out a GAO Report That Says In-Flight Wi-Fi Lets Hackers Access Avionics

Comments Filter:
  • by xxxJonBoyxxx ( 565205 ) on Thursday April 16, 2015 @10:38AM (#49485987)

    This is a dup story, so here's my dup comment:
    See DefCon 22's avionics preso from 2014 to see what you can and can't do from a hacker's perspective.
    https://www.defcon.org/images/... [defcon.org]
    (Since the summary doesn't even often a link or name...this MIGHT even be exactly what the submitter is talking about.)

    • by Minupla ( 62455 )

      Mod this up - Seriously, if you're at all thinking this stuff might be possible read the paper for a good analysis of what is and isn't possible. (hint: your probably more at risk from signals outside of the plane then from someone inside it, and not all that much risk (for now) even then.)

      Min

      • Seriously, if you're at all thinking this stuff might be possible...

        Perhaps Jeff Goldblum can upload a virus that makes an animated skull and cross-bones appear on the pilot's view screen - "ar, ar, ar" - 'cause he did it in Independence Day - to an *alien* space ship. Why would human airships be any less secure? It's possible, just not very probable...

        • by Minupla ( 62455 )

          Yep, it's possible. There's a couple of places listed in the talk that a skilled enough attacker could maybe make inroads, but the probability is limited by the fact that the networks speak VASTLY different networking protocols. Jeff *might* be able to infect the network bridge on a couple of specific airplane models.

          Of course, if it's Bruce Schneier [schneierfacts.com], just let him into the cockpit and give him the flight yoke, it'll be slower :)

          Min

        • Human airships would be more secure. They don't have the ability to recompile untrusted PowerPC code.

      • by Lumpy ( 12016 ) on Thursday April 16, 2015 @12:22PM (#49487071) Homepage

        It's the same for all the hype over car systems. EVERY SINGLE EXAMPLE they have to install hardware to get access to the data interface.

        So yes Terrorists can take over the airplane from their cellphones if the flight crew let them into the maintenance areas and help them install several specialized devices that give them access.

        The terrorists need to make appointments so they can make sure that avionics technicians are on hand to help them

        • Fortunately pilots are less likely to do it to themselves then drivers are :).

          http://jalopnik.com/progressiv... [jalopnik.com]

          Min

        • by Anonymous Coward on Thursday April 16, 2015 @03:23PM (#49488827)

          The 777 is unique in its vulnerability to precisely what you mention. The avionics bay access hatch is conveniently next to the toilet but behind a corner. An anonymous youtube poster who claims to be a pilot recorded a video when flying as a passenger to draw attention to this in the wake of MH370 and showed how he during a flight could get in and out of the avionics bay through that hatch with nobody noticing. Most people on board were sleeping and those who saw him, presumably thought he was just going to the toilet. The first thing to address this problem which no other plane has would be to put a fucking lock on that hatch and keep the key in the cockpit. Currently, two people with nefarious intentions can do anything to a 777 that can be done with access to the avionics and the right know-how. One just has to "stand in line" to the toilet and the other can fiddle undisturbed with all aircraft electronics. Thus I consider precisely such a "hijacking" one of the more plausible scenarios in the case of MH370. And the issue has still not been addressed.

          The video was first linked to on pprune but might be unlisted and the thread is long so I can't find it but will post again, if I do find it.

          • This avionics bay access hatch vulnerability was recently reported on CNN [ironically, prior to the GermanWings disaster]

            • by dave420 ( 699308 )
              There is nothing remotely ironic about that... Is that you, Alanis?
              • I'm not Alanis.

                Perhaps, ironic was an unfortunate choice of words, but I didn't mean it in terms of sarcastic/sardonic. There is an alternate definition:

                happening in the opposite way to what is expected, and typically causing wry amusement because of this.
                "it was ironic that now that everybody had plenty of money for food, they couldn't obtain it because everything was rationed"

                (e.g. paradoxical, incongruous)

                Shortly after 9/11 when they were first proposing armoring the cockpit doors, I remember thinking: "But, what if you have [a legitimate need] to get in there?". Hence, the irony for me. If the locked out pilot had access through such a maintenance port, he might have been able to override the suicidal co-pilot.

                After Germa

    • I think this is quite obvious to most engineers that have worked on safety critical systems. This whole issue is just about creating fear so some security consulting firms can make extra money. It is a tried and true method.

      Every time there is an energy crisis I see a new guy on TV who has 'invented' a water powered car and just needs some money to commercialise it. Every time. They all do the same thing, have some technobabble, accept a challenge to be black-box tested by a professor at a reputable univers

    • by Anonymous Coward on Thursday April 16, 2015 @11:44AM (#49486651)

      Mod parent down. I attended the presentation in person. The presenter is full of shit.

      He based his presentation on flight simulators and utter conjecture. Flight simulators do not model the internal workings of an airplane, but rather the flight characteristics. You can't learn how the internals work without any reference to the internals. The guy made claims about things that just aren't true. He also spread a lot of FUD - "isn't it scary that landing times are on the Internet? What evil things could I do with that?!?" Idiot. Flight plans have to be public, because they're offering travel to the public. If you don't know when the plane lands, you can't schedule a ride from family. If they don't know when it lands, they can't schedule their pickup of you.

      The 'hacker' that presented that tripe doesn't know what he's talking about.

      • Flight plans have to be public, because they're offering travel to the public. If you don't know when the plane lands, you can't schedule a ride from family.

        While the two kinds of data are similar, they are not identical.

        The flight schedule has to be online for the reasons you gave. But the flight schedule is not the flight plan, and the times can differ by a significant amount. Every time you've arrived or left early or late, you're comparing your watch to the scheduled time. The flight plan will be much more accurate and be based on existing conditions.

        For example, the "book" time for a United flight from PDX (Portland OR) to ORD (Orchard, I mean O'Hare Ch

      • > Flight simulators do not model the internal workings of an airplane, but rather the flight characteristics.

        Do you know that for a fact? I am not familiar at all with flight simulators, but I am familiar with car and motorcycle simulation software such as computer games. The reason I am asking you this is because some of these do emulate the internal workings of the cars, to the point that, after a race, you can generate the exact telemetry log file that the real thing would generate, in the very same f

    • by BitZtream ( 692029 ) on Thursday April 16, 2015 @11:45AM (#49486661)

      This story is just a slashvertisement.

      The story linked (now linked in the summary) is to a guy making silly ignorant statements about how the GAO is wrong but in such a vague way that I can safely say the guy making these silly comments is wrong. He's arrogantly implying that no aircraft can be hacked because they never make any mistakes and use separate systems and a special software device (thats not a firewall!) that acts as a firewall and doesn't let the two connected networks communicate with each other ...

      Also he seems to think that engines 'breath' air, and that the air inside the cabin of an airliner is not at all isolated from the air that goes into the engines.

      In short, the summary refers to an article written by someone that claims to be a security expert AND pilot while at the same time making incredibly stupidly inaccurate blanket statements that any useful security officer and certainly any pilot know are too broad and vague to be true or just flat out wrong.

      There most certainly IS a firewall between the passengers and the engines on commercial jet aircraft, otherwise the people would die at 30k feet. The fact that he claims to be a pilot and then claims there is no separation between the cabin and exterior is just scary.

      And claiming that this other special box ... that acts as a firewall ... but since they gave it another name, its not actually a firewall, so therefor its not possible to be hacked and bypassed.

      The reality of it is, what the GAO said IS TRUE. IT IS possible that 'hackers' MIGHT be able to cross the network boundaries if they are physically connected, anyone who claims this is not true knows absolutely nothing about IT security or security on complex systems in general. You work really hard to prevent it, and make certain design decisions to make it hard to cross that gap, but the instant they are connected, you've created the possibility. You can't honestly claim that your network is 100% secure and impeneratble which is what this guy is trying to claim ... about aircraft that he's never had anything to do with, never seen, knows nothing about the internal operation of ... just because he's a pilot doesn't make him suddenly privy to private information internal to Airbus or Boeing.

      Once again, I repeat, this is nothing but a shitty slashvertisement. They probably paid timothy to post it to the front page, which explains why it was done in such a hurry the first time and didn't even have a fucking link in it.

      • by Lumpy ( 12016 ) on Thursday April 16, 2015 @12:24PM (#49487093) Homepage

        Hackers have a better chance of deorbiting a satellite and hitting the aircraft while it is in flight than they do taking it over from the in flight wifi.

      • by AK Marc ( 707885 )

        a special software device (thats not a firewall!) that acts as a firewall

        A firewall is a special software device. There are lots of Linux firewalls out there and other purely software firewalls. Aside from protecting against electrical attacks, there is little that can be done to a software firewall that will be different from what can be done to a software firewall. I remember cracking open a Cisco PIX and seeing a bog-standard Intel wireless card plugged into the motherboard that was running an Intel Pentium CPU. But that relatively-standard PC is called a "hardware firewa

      • You saw an article with simplistic pull quotes -- don't assume that's all there is.

        Airliners avionics are comparatively stone age. This is not all bad. The connection between the two is one way - out.

        Could someone be contemplating a linux based glass panel display that you can e-mail your flight plan to? Yes. Do private pilots often rely upon ipads for display even in IFR conditions -- probably yes. Can those instruments (both the theoretical and the actual) be compromised? Yes.

        Are airliners flying th

    • by durrr ( 1316311 )

      I didn't know jet engines were this unsafe. I'm only flying turboprop henceforth.

  • Hmmm .... (Score:5, Insightful)

    by gstoddart ( 321705 ) on Thursday April 16, 2015 @10:39AM (#49485993) Homepage

    So, Mr cyber Expert and Pilot, other than saying "nuh uh", do you have anything to suggest there is no chance of this?

    We know people can hack air gaps, and if the in-flight wi-fi is at all connected to the electronics in the airplane, there's potentially a lot of attack vectors.

    And since there is no actual article, just a summary which says some guy says it can't happen ... I call "bullshit" on the whole story.

    Seriously, timothy, a link to a story or this is nothing more than innuendo.

    • by ceoyoyo ( 59147 )

      If you can hack an air gap down in the avionics bay, you can hack the one where a control cable runs by inches from your seat. That doesn't have much to do with the wifi.

      If the wifi network is connected to the avionics network, i.e. with no air gap, that's stupid and should be fixed.

      • Re: (Score:2, Insightful)

        by gstoddart ( 321705 )

        Honestly though, we see pretty much daily that the number of security holes in a system is proportional to its complexity.

        A modern aircraft is an immensely complex maze of wiring. A 'modern' aircraft could be easily 10-15 years (or more) old, and full of systems which weren't designed with security in mind.

        If you've ever sat in an aircraft seat and seen the navigation display which shows your position, altitude and speed ... you can bet your ass there is some connectivity among the systems.

        So, if the defau

        • by Anonymous Coward

          "If you've ever sat in an aircraft seat and seen the navigation display which shows your position, altitude and speed ... you can bet your ass there is some connectivity among the systems."

          And this interconnectivity is typically done using something called VIDEO. Imagine a "server" that is connected to the internal avionics bus on one side and has an HDMI output on the other. It reads the avionics signals for position, etc. and produces an image. Then a second "server", that is not connected to the first

        • It would not much fail to surprise me if it wasn't done this way; but something like those seatback location/direction displays require relatively little data transfer(you wouldn't need more than the 4800 baud NMEA spew you'd get from a standard GPS device, and you could likely get away with less) and no responses from the seatback unit; so you could do everything you'd need over an isolated, intrinsically unidirectional, link.

          Put the avionics on the emitter side of an optoisolator, blindly blinking out
          • by Anonymous Coward

            Precisely my point! It is possible to design systems in such a way that they are intrinsically un-hackable. Uni-directional gateways are one simple approach to that. There's another less sinister reason for doing it this way--cost. While it may seem to the lay person who has never worked on a safety critical system that adding a gateway adds complexity and cost, the fact is that it reduces cost.

            Why? Any software that is connected to the aircraft bus must be certified through a grueling, time consuming a

        • by ceoyoyo ( 59147 )

          You're making unfounded assumptions. Before they started putting those GPS displays in the seats I used to take my hand held GPS as carryon. I had all the same information and my Garmin was certainly not connected to the aircraft systems.

          According to the slides somebody linked up above, the airplane avionics network is isolated from everything else (running a completely different protocol) except for a specific exception that Boeing got for some 777s, subject to a bunch of security requirements. If I wer

    • by timothy ( 36799 ) Works for Slashdot

      Sorry -- I cut-and-not-pasted that link; now fixed.

    • by st2434 ( 4054217 )
      The story isn't saying that there's absolutely no way to hack a plane. Rather, there was a GAO report released saying that in-flight Wi-Fi and entertainment can be used to hack into avionics systems and take over autopilot, and this other expert is saying "that's bullshit."
    • No seriously, the radio is not connected to the computer system, the comptuer system is extremely conservative by many standard and is not connected to the in flight wifi. You cannot have an air-gap attack without a microphone or similar device.

      The gao report is a complete nonsense and was laughed out by all technical people involved in the computer system of airplane or in flight entertainment.

      "So, Mr cyber Expert and Pilot, other than saying "nuh uh", do you have anything to suggest there is no c

  • New concept (Score:5, Funny)

    by courteaudotbiz ( 1191083 ) on Thursday April 16, 2015 @10:40AM (#49485999) Homepage
    Its a brand new concept called "crowd-piloting". The plane goes wherever its passengers feel to go. Very nice!
  • I mean to say there is a potential air gap with 2.4GHz and bluetooth and who knows what else if someone's laptop or smartphone was hacked remotely. But the cockpit door is RF shielded so that's the end of that.
    • by cdrudge ( 68377 )

      But the cockpit door is RF shielded so that's the end of that.

      It's a good thing everything necessary for the successful operation of a plane is contained behind that cockpit door...

  • Do the two networks share a piece of networking equipment at any point on the plane? Is it just two subnets with a [buggy] firewall between them?
    • Exactly this. I'd like to think that there's an air gap (ahem) between the avionics and passenger networks, and that it's impossible to access the avionics system from the passenger compartment. I'd also like to think it doesn't rely on security through obscurity, like "we run our API server on port 81 instead of port 80, ha-HA!". Come on, Slashdot: we have to have at least one aerospace engineer in here, don't we?
      • We do, but this aero doesn't do all that electrons stuff. I deal with the magic that makes thousands of pounds magically levitate; it's the EEs that magically make disembodied human voices come out of nowhere and blinky lights obey the commands of hidden daemons. ;-)

    • Do the two networks share a piece of networking equipment at any point on the plane? Is it just two subnets with a [buggy] firewall between them?

      On the 787, the answers are NO, and NO. The aircraft has more than two subnets, but does have equipment that spans more than one subnet.... Don't know about the buggy firewalls though, but I assume the firewalls are not that buggy. This was all well understood before the FAA issued the type certification and the FAA required additional work by Boeing (beyond what the existing regulations required) before they would issue the certification. The GAO is nuts.

  • This report is just a warning, then CNN gets it and asks broad questions "could someone do this??" and an expert who hasn't seen the architecture says, "sure, it could happen". He wants to say "but, in the real world, no!", of course the CNN anchor cut him off. It is possible that the pilots iPad may be connected to the passenger cabin WiFi if the pilot was connected earlier, but forgot to switch over. Connecting the iPad to the aircraft will only bring in power, nothing else. There is no way to control the

  • Uhh (Score:5, Insightful)

    by StikyPad ( 445176 ) on Thursday April 16, 2015 @10:50AM (#49486125) Homepage

    If there's no air gap between the passengers and the engines on your flights, then I'll take another flight please.

    • Oh man, you're never going to fly again once you realise that the cabin pressure is regulated by taking some of the air ingested by the engines from between the first 2 stages. You are literally breathing the same air as the engine.

  • I am sure in-flight Wi-Fi can be used by pedophiles to watch child porn! And by terrorists to plan terror attacks!!!

    OMG!! We must ban it

  • by rodrigoandrade ( 713371 ) on Thursday April 16, 2015 @11:14AM (#49486389)
    Is warning me that $DEVICE that can kill hundreds of people if hacked is insecure.

    Oh, the horror!!!
  • by ledow ( 319597 ) on Thursday April 16, 2015 @11:17AM (#49486411) Homepage

    At the very least, I'd expect a VLAN.

    In actuality, I'd expect disparate, unconnected systems possibly even running in separated VLANs and subnets with IPS on the avionics controls JUST IN CASE.

    Given that avionics are used to dealing with highly technological and highly critical systems, I think I could trust them to not mess it up. Especially if it in any way could even theoretically allow a possibility for an attacker to affect a flight path.

    Airport security, the guy loading my luggage, or the guest wifi in the lounge? Yeah, separate problem with trust in question. But on-board wifi? I'd be damned if you could send a single packet from the wifi to the avionics even in theory.

    • You are correct.. They maintain LOGICAL separation very well. Most people confuse the LOGICAL separation issue with PHYSICAL separation and think that you need to have the latter or you don't have the former. But even with physical separation, you don't have logical separation all the time.

      Security requires LOGICAL separation, but that does not require physical separation.

      • Comment removed based on user account deletion
        • They have touch points physically... There are some things the WiFi systems just need to know that come from the flight control systems, or systems which are attached to systems which are attached to... (You get the idea)

          Where I seriously doubt there is a direct logical connection, where some hacker just needs to know the right IP address to adjust the auto pilot or something, there are physical data connections between the wifi network and the flight controls.

    • by Anonymous Coward

      The IP protocol is not deterministic and therefore is not used for avionics. The very few network topologies used are not used for flight critical inputs. ARINC 429 is the networked bus used, and that only for mission data, not flight safety critical data.

      • by Anonymous Coward

        Mod parent up, he is exactly right.

        See ARINC 429 [wikipedia.org] for more insight into it. (Since you can do IP over almost anything, including avian carriers, there's probably a way to do IP over ARINC 429, but AFAIK they don't, and it's not your standard Ethernet by a long shot.)

  • If you're talking about passengers and engines breathing air, then any separation wouldn't be an air gap.
    The separation we have now is an aluminum and plastic gap. And it works.

  • How it all works (Score:4, Informative)

    by Anonymous Coward on Thursday April 16, 2015 @12:27PM (#49487121)

    1. My First Ever Post, please go easy
    2. I'm an aircraft engineer with about 12 years in the industry with experience of small and large jets, with both the big orange airline in Europe and the "other" british long haul carrier based at Heathrow.

    The WiFi system on board arrives at the plane via a dedicated satellite reciever designed for the specific task of internet connectivity. From there it plugs into the In Flight Entertainment system and the signal is projected via specially designed wifi routers that allow passengers to connect. At no point do the IFE system and the Avionics systems inter-connect physically. Furthermore, the IFE computers are actually stored under each row of seats and drive that row's IFE. Ever kicked that steel box under the end row? Thats the IFE controller for your row.

    The avionics systems are connected using an ARINC 429 system - http://en.wikipedia.org/wiki/ARINC_429. This is similar to a home network, but extremely specialised and focused on the job at hand. You cannot hack the IFE system and "get" into the Avionics. Yes, "Air Gap" hacking has been proven. Thats on computers that are next to eachother, not sat 100+' away through aluminium floor supports and all the other cabin interior. Who ever wrote the subject article has clearly never looked at the technicalities of what he is suggesting.

    Thanks

  • about coordinated attacks leveraging onboard wifi.

  • I will not have networked computers on this ship!
  • These are not IP networks they are Ethernet networks which means they are susceptible to ARP Spoofing attacks and other Ethernet tricks
  • Is how do you explain this to the sheep without coming across as condescending.... see what I did there?

  • But the engineers checking airplane safety aren't computer netwrok security experts. I really worry that the systems interconnected somewhere or shared some components they assumed safe. Automobiles got them mingled already.
  • This is next weeks episode of CSI:CYBER - they're looking for opinions to see if they can improve realism. Or maybe its a story board for Scorpion. Either way - mildly entertaining. ;P
  • The GAO report is actually about the cybersecurity of the FAA. The comment about security on the airplane actually starts out by explicitly pointing out that this isn't a problem right now. It MIGHT become one in the future and they aren't satisfied with how the FAA would deal with hybrid system in modern planes. This entire blogpost is a bullshit response to a rather good report.

    The GAO simply wants the FAA to increase their cybersecurity. I don't think that is a big problem.

  • Until one understands all the ARINC systems aboard, both the Boeing 777 and Airbus, and the satellites (including the Inmarsat satellites), and the avionics systems at control towers are ARTCCs and earth ground stations and VSATS, and the Microsemi FPGAs installed, and the Freescale chips, etc., and the report on the backdoored Actel/Microsemi chips, etc., this nebulous talk is all soooooo much bullcrap from the yahoos. With hardware trojans and hardware malware pre-installed, especially in any or all of th

"Someone's been mean to you! Tell me who it is, so I can punch him tastefully." -- Ralph Bakshi's Mighty Mouse

Working...