Security analyst develops Android app that can hijack and crash airplanes
App uses an exploit framework which can command a plane to change course, altitude, speed and even crash.
A security analyst has revealed how simple it is to hack into the communication link-up between a plane and the air traffic control system, and the plane’s navigation system in order to change the plane’s route or even to crash it. Hugo Teso, an analyst with German IT security company N.Runs AG, and a licensed commercial pilot has developed an exploit framework called Simon which is used by an Android app to deliver data that can instigate an attack against an airplane.
While speaking at the Hack in the Box conference in Amsterdam, Teso revealed that he could exploit a plane’s Automatic Dependant Surveillance-Broadcast (ADS-B) system, the system that transmits the plane’s current navigation details to Air Traffic Controllers (ATC) and the Aircraft Communications Addressing and Reporting System (ACARS), a communication link between the plane and the ATC, to feed in false information and cause the plane to change course or get into an accident. Teso said that it took three years to develop the Simon framework which uses information from Flightsradar24, a free website that tracks flight paths in real-time, and publicly available Flight Management System hardware and software, both of which are very similar (but not exactly the same) as the ones used in the real world. Teso showed the audience at the conference that by sending the command “visit ground” through the app using radio signals, he could force the plane to change course and crash. He also showed how he could get a plane to change its speed, altitude and bearings using the same method.
Fortunately, Teso’s system can only be used virtually at present and a hijacker would only be able to remotely control a plane if it was within the antenna range of his hacking system. Also, if a pilot somehow was able to recognize the infiltration, he could take control of the plane manually, since Teso’s system can only influence the plane when it’s in autopilot mode. Teso stressed on how vulnerable the existing ACARS was and how a plane would have no way to determine if the data being transmitted through ACARS was valid.
Teso’s hacks have been developed keeping in mind the newly updated ADS-B system which will be implemented almost globally in the coming years as a result of a directive by the US government that states that by 2020, any flights operating in its airspace should have an ADS-B system installed. Teso says that he has been in touch with airlines to fix the vulnerabilities in the ADS-B system.
Along with Shodan, the search engine that can be used to control nuclear plants, Teso’s Simon makes the rest of the 21st century sound like a very dangerous time to live in. Fortunately, at least for the time being, both Shodan and Simon are almost exclusively being used by security experts and researchers to find and seal off security vulnerabilities rather than exploit them.
Still, I’m guessing, sleep won’t come easily tonight.
Source: Wired