London - As you debate whether to have red or white wine to accompany your in-flight meal, it’s unlikely that you’ll pay much attention to the middle-aged man in the seat next to you.
In all likelihood, he will be tapping away at a laptop. Curiosity may cause you to sneak a peep at his screen, but all you’ll see are several indecipherable lines of computer code.
“Ah, a geek,” you think, before deciding that you’d rather start with a beer. After all, you’re on holiday with your family, all looking forward to two weeks away from the British weather.
And then something very disturbing happens — the oxygen masks suddenly drop down. There is a collective gasp around the cabin, and a flight attendant, a worried look on her face, hurries down the aisle.
Just a few seconds later, the lights go out, and then the plane violently banks to the left. People are screaming now, sure that the aircraft is about to crash. You turn to face your children, their faces terrified. You do your best to calm them down and, as you turn back, you notice something very strange indeed.
The man on the laptop is still tapping away. And, stranger still, he is grinning.
Although you do not know it, this man is now your pilot. By using a £400 (about R7 000) second-hand laptop, he has hacked into the plane’s control systems via the in-flight entertainment system and is now in complete control.
This nightmare scenario may sound far-fetched — like something out of a Hollywood disaster movie. But on Tuesday it emerged that it could be chillingly possible.
According to an application for a search warrant filed by the FBI last month, a British-born computer security expert called Chris Roberts claims to have hacked into an airline’s entertainment system, overwritten code on the aircraft’s thrust management computer, issued a climb command and made the plane turn sideways.
Mr Roberts, founder of a Denver-based security intelligence firm called One World Labs, also claims to have hacked into the electronic systems of up to 20 aircraft between 2011 and 2014.
It was on April 15 that Mr Roberts had his electronic equipment seized at Syracuse airport in New York state, after he tweeted that he may have hacked into the systems of a Boeing 737/800 during a flight from Chicago.
According to the warrant, Mr Roberts had already been warned twice in February not to hack into aircraft, and that if he did so, he was likely to be prosecuted. “We believed it would endanger public safety to allow him to leave Syracuse airport with that equipment,” the FBI stated.
Mr Roberts claims his tweet about taking control of an aircraft was taken out of context. “That’s one paragraph out of a lot of discussions, so there is context that is missing which I can’t say anything about,” he told Wired magazine.
However, Mr Roberts has previously made little secret about theoretically being able to take control of an aircraft’s engine management systems. In a conference speech he gave in Kentucky in 2011, he spoke about his ability to control a plane’s engines and, alarmingly, even shut them down.
Mr Roberts states that he hacked into the aircraft only to help improve their electronic security. This does not impress many within the industry, some of whom state that if his claims are true, he should be locked up, no matter what his motivation.
“You’re endangering the lives of a lot of people and that’s a long way to go to just prove a point,” says aircraft electronics consultant Michael Planey.
So, is it possible for a passenger to hack into a plane, and if so, how can it be done?
One of the biggest Achilles’ heels for many modern aircraft is their wifi systems, which enable passengers to connect to the internet even when they are miles up in the air.
Although this is a great convenience, it does potentially allow hackers to gain access to the plane’s electronics. Just last month, the US Government Accounting Office issued a severe warning about this very vulnerability.
“Modern aircraft are increasingly connected to the internet,” the report stated. “This can potentially provide unauthorised remote access to aircraft avionics systems.
“According to cybersecurity experts we interviewed,” the report continued, “internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors.”
Of course, this raises the extremely sinister possibility that people on the ground could hack into aircraft.
Some experts are not sure that there is such a danger, as the electronics on board are separated by firewalls. This means that while Mr Roberts may be able to hack into the aircraft’s entertainment system through wifi, he could not access the plane’s controls.
However, firewalls can never be totally secure and, furthermore, Mr Roberts does not just use wifi.
According to the FBI warrant, on at least one occasion, he physically plugged his laptop into the plane’s system through the ‘Seat Electronic Box’ (SEB) of which two can be found beneath each seat row of many modern aircraft.
By connecting his laptop to the box using an ethernet cable, Mr Roberts was apparently able to access other systems on the plane using default passwords, and not just the system that controlled the entertainment.
Again, some experts have their doubts. “In the event that what he claims about . . . the Thrust Management System occurred,” says Mr Planey, “that would have been noted by the crew; they would have noticed the aircraft was moving not by command from the cockpit.
“I would have expected the pilots to write it up and there would have been an investigation. So I don’t believe what he says to be true.”
However, Mr Roberts is not the only hacker who claims he can control aircraft. Another potential method was highlighted two years ago by Hugo Teso, a security consultant with German IT firm *.runs.
At a conference, Mr Teso claimed another vulnerability lay in the Aircraft Communications Addressing and Reporting System (Acars), which is used by air traffic control to send messages to and from aircraft.
Using a Samsung smartphone and in a simulated aircraft setting — using computer hardware bought on eBay that provided flight code software for “training” — Mr Teso demonstrated that he could hack into Acars and send malicious data to an aircraft’s flight management system.
In this way, Mr Teso claimed he could make planes crash into each other.
“Acars has no security at all,” he explained. “The plane has no means to know if the messages it receives are valid or not. So they accept them, and you can use them to upload data to the plane that triggers these vulnerabilities. And then it’s game over.”
Some have speculated that this method of “cyber-hijacking” may have brought down Malaysia Airlines Flight MH370. However, organisations such as the US Federal Aviation Administration (FAA) are sceptical.
“The described technique cannot engage or control the aircraft’s autopilot system . . . or prevent a pilot from overriding the autopilot,” it said.
But if it is indeed hard to attack the aircrafts’ systems themselves, there is one other vulnerability: air traffic control.
Two years ago, a hacker calling him-self RenderMan addressed a conference and stated it could be possible to launch attacks that would leave controllers utterly bewildered.
“If I can inject 50 extra flights onto an air traffic controller’s screen, they are not going to know what is going on,” he said. “If you could introduce enough chaos into the system for even an hour, that hour will ripple through the entire world’s air traffic control.”
Ultimately, the responsibility for a plane rests with the pilot, who is always able to override the computers. Although pilots cause more crashes than computers, they are the only line of defence if someone else has taken control of the electronics.
In the meantime, we must wait to see what the FBI finds on Mr Roberts’s computers.
Whether he is a Walter Mitty or not, it’s alarming that the possibility exists — no matter how small — that a jumbo might be brought down with just a few clicks on a keyboard.
Daily Mail