Researcher demonstrates Android app that could hack airplanes

Share this article:
Researcher demonstrates Android app that could hack airplanes
Researcher demonstrates Android app that could hack airplanes
A German security researcher demonstrated Thursday how to take total control of airliners with the help of an Android application that takes advantage of open and insecure air traffic communications systems.

Hugo Teso, security researcher at German security firm N.Runs, spent three years to create an exploit code framework called SIMON and built the "PlaneSploit" Android app with which he could remotely attack flight management systems on airplanes, with no physical access required.

Once in control, an attacker can alter the course of a plane, set off warning lights and alarms and also crash it.

Teso, a former commercial pilot, demonstrated the hijack on virtual airplanes at the 2013 Hack In The Box security conference in Amsterdam and was able to control their movements in air.

Using the accelerometer in his Android device to move the plane around, one of his scenarios simulated an intoxicated pilot flying over the German capital of Berlin.

According to Teso, the remote hijack is possible thanks to the Automatic Dependent Surveillance-Broadcast, or ADS-B, protocol, which sends aircraft data, such as identity, position and altitude, from on-board transmitters to air traffic controllers.

A second protocol, the Aircraft Communications Addressing and Reporting System (ACARS) – used to deliver messages between aircraft and controllers over radio and satellite – is also open and insecure, Teso found.

By using ADS-B to pick the airliner he wanted to attack and ACARS to identify the type of computer aboard the plane, Teso was able to craft malicious messages that could be used to control the plane with the help of the SIMON framework implanted in the flight management system.

Teso deliberately coded the SIMON malware so that it only works on virtual aircraft and cannot be used on real ones.

However, Teso added that the framework is nearly impossible to detect once deployed in the flight management system and it can be used to upload flight plans, issue specific commands and more.

The researcher also said that the attack only works while the plane is on auto-pilot, not while it is under manual control.

This story originally appeared on SCMagazine.com.au.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Apple implements two-factor authentication

The company followed through on its promise to up iCloud security by implementing two-factor authentication earlier this week.

C&K apologizes for unauthorized access that led to Goodwill breach

A web hosting service apologized for intermittent unauthorized access of its hosted environment over 18 months that led to the Goodwill breach.

Yelp and TinyCo settle with FTC over COPPA Rule violations

Yelp and TinyCo settle with FTC over COPPA ...

Yelp will pay $450,000, and TinyCo will pay $300,000 to settle charges that their mobile apps collected information from children under the age of 13.