Hacker “Hijacks” Plane With An Android App


Having recently, last night to be precise, watched Die Hard II: Die Harder again I happen to know that in order to take control of an airplane from the ground you simply need to gather together a number of ex-special forces soldiers, pray for a blizzard, shoot an old man and take control of a church, then route yourself into the tower’s controls on the grounds of the church, take out the SWAT team that is protecting the aviation engineer on his way towards utilizing additional equipment at the airport’s disposal, and you’re pretty much home.

Source: Pixabay

In order to get away with it you need a Special Forces platoon meant to stop you, secretly on your side, and you had better pray that John McLain isn’t in the building and that his wife is not in harm’s way.

At the recent Hack in the Box security conference in Amsterdam, security consultant Hugo Teso demonstrated that you don’t need to go through these extraordinary measures at all, you simply need to use his app entitled PlaneSploit.

Electron Rises 5.1% Buy Renewable And Infrastructure Stocks: Q1 Letter

RenewableElectron Capital Partners' flagship Electron Global Fund returned 5.1% in the first quarter of 2021, outperforming its benchmark, the MSCI World Utilities Index by 5.2%. Q1 2021 hedge fund letters, conferences and more According to a copy of the fund's first-quarter letter to investors, the average net exposure during the quarter was 43.0%. At the Read More

Mr. Teso, a trained commercial pilot himself explained and then showed that the Automated Dependent Surveillance-Broadcast (ADS-B) is unencrypted and unauthenticated which can open up a plane to a passive attack like eavesdropping or active attacks such as message jamming and injection. The latter being the real scary attack of the two.

He also pointed out that the Aircraft Communications Addressing and Reporting System (ACARS) used to send text-based messages between aircraft and ground stations has little to no security.

With these vulnerabilities in mind, Mr. Teso used ACARS to gain access to the virtual planes in order to upload Flight Management Information. While reading this with a bit of bewilderment, I still found cause to laugh when he explained why he used virtual planes over real ones, “too dangerous and unethical.”

From there he showed how he could control the steering of a Boeing jet when in auto-pilot mode, theoretically allowing him to steer it into another plane or simply scaring the passengers on board by dropping the oxygen masks.

Lastly, he pointed out that while a pilot could disengage the auto-pilot, many newer planes don’t have manual controls and that older planes might prove impossible to upgrade to avoid his attacks.

For more on the technical side of his findings, have a look at the following article.

Previous article Tom Gayner Discusses Markel’s Investment Process
Next article KPMG Former Partner Gave Info about Deckers to Bryan Shaw [REPORT]
While studying economics, Brendan found himself comfortably falling down the rabbit hole of restaurant work, ultimately opening a consulting business and working as a private wine buyer. On a whim, he moved to China, and in his first week following a triumphant pub quiz victory, he found himself bleeding on the floor based on his arrogance. The same man who put him there offered him a job lecturing for the University of Wales in various sister universities throughout the Middle Kingdom. While primarily lecturing in descriptive and comparative statistics, Brendan simultaneously earned an Msc in Banking and International Finance from the University of Wales-Bangor. He's presently doing something he hates, respecting French people. Well, two, his wife and her mother in the lovely town of Antigua, Guatemala. <i>To contact Brendan or give him an exclusive, please contact him at [email protected]</i>

No posts to display