Airplane Wi-Fi systems vulnerable to cyberattacks

Hackers could exploit an airline’s on-board Wi-Fi to take control of the plane, said a government oversight report.

Security experts told the Government Accountability Office (GAO) that, if a plane’s control system uses the same physical wiring or router as the on-board Internet, hackers could subvert firewall protections and access the cockpit’s communications and navigation systems.

This could pose a huge problem. Internet-based entertainment options on planes are growing in popularity. Passengers are connecting more devices to the on-board network. Pilots are even using smartphones and tablets in the cockpit.

“Modern communications technologies, including IP connectivity, are increasingly used in aircraft systems, creating the possibility that unauthorized individuals might access and compromise aircraft avionics systems,” said the report, released Tuesday.

That opens the plane up to a number of cyberattacks, from injecting a virus into the flight controls, to hijacking the on-board computers, to manipulating the warning system to even commandeering the aircraft completely.

“This report exposed a real and serious threat — cyberattacks on an aircraft in flight,” said Rep. Peter DeFazio (Ore.), the top Democrat on the House Transportation Committee.

The report is particularly salient as the FAA is rolling out an Internet-based Next Generation Air Transportation System (NextGen). Moving from radar communication to satellite communication will allow planes to take more direct routes and fly closer together, reducing congestion.

But it will also increase the entire system’s vulnerability, the report said.

The FAA “has not developed a cybersecurity threat model” to account for any of these potential flaws, according to the report.

“Without such a model, FAA may not be allocating resources properly to guard against the most significant cybersecurity threats,” the GAO said.

DeFazio, one of the lawmakers who requested the report, also called on the FAA to create cybersecurity certification requirements.

“FAA must focus on aircraft certification standards that would prevent a terrorist with a laptop in the cabin or on the ground from taking control of an airplane through the passenger Wi-Fi system,” he said. “That’s a serious vulnerability.”

Tags

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..

 

Main Area Top ↴

Testing Homepage Widget

 

Main Area Middle ↴
Main Area Bottom ↴

Most Popular

Load more

Video

See all Video