Having recently, last night to be precise, watched Die Hard II: Die Harder again, I happen to know that in order to take control of an airplane from the ground you simply need to gather together a number of ex-special forces soldiers, pray for a blizzard, shoot an old man and take control of a church, then route yourself into the tower’s controls on the grounds of the church, take out the SWAT team that is protecting the aviation engineer on his way towards utilizing additional equipment at the airport’s disposal, and you’re pretty much home.
In order to get away with it you need a Special Forces platoon meant to stop you, secretly on your side, and you had better pray that John McClane isn’t in the building and that his wife is not in harm’s way.
At the recent Hack in the Box security conference in Amsterdam, security consultant Hugo Teso demonstrated that you don’t need to go through these extraordinary measures at all; you simply need to use his app, PlaneSploit.
Mr. Teso, a trained commercial pilot himself, explained and then showed that Automatic Dependent Surveillance-Broadcast (ADS-B) is unencrypted and unauthenticated, which can open up a plane to passive attacks like eavesdropping or active attacks such as message jamming and injection, the latter being the really scary kind.
He also pointed out that the Aircraft Communications Addressing and Reporting System (ACARS), used to send text-based messages between aircraft and ground stations, has little to no security.
With these vulnerabilities in mind, Mr. Teso used ACARS to gain access to the virtual planes in order to upload Flight Management Information. While reading this with a bit of bewilderment, I still found cause to laugh when he explained why he used virtual planes over real ones: “too dangerous and unethical.”
From there he showed how he could control the steering of a Boeing jet when in auto-pilot mode, theoretically allowing him to steer it into another plane or simply to scare the passengers on board by dropping the oxygen masks.
Lastly, he pointed out that while a pilot could disengage the auto-pilot, many newer planes don’t have manual controls and that older planes might prove impossible to upgrade to avoid his attacks.
For more on the technical side of his findings, have a look at the following article.