Researcher demonstrates Android app that could hack airplanes

Share this article:
Researcher demonstrates Android app that could hack airplanes
Researcher demonstrates Android app that could hack airplanes
A German security researcher demonstrated Thursday how to take total control of airliners with the help of an Android application that takes advantage of open and insecure air traffic communications systems.

Hugo Teso, security researcher at German security firm N.Runs, spent three years to create an exploit code framework called SIMON and built the "PlaneSploit" Android app with which he could remotely attack flight management systems on airplanes, with no physical access required.

Once in control, an attacker can alter the course of a plane, set off warning lights and alarms and also crash it.

Teso, a former commercial pilot, demonstrated the hijack on virtual airplanes at the 2013 Hack In The Box security conference in Amsterdam and was able to control their movements in air.

Using the accelerometer in his Android device to move the plane around, one of his scenarios simulated an intoxicated pilot flying over the German capital of Berlin.

According to Teso, the remote hijack is possible thanks to the Automatic Dependent Surveillance-Broadcast, or ADS-B, protocol, which sends aircraft data, such as identity, position and altitude, from on-board transmitters to air traffic controllers.

A second protocol, the Aircraft Communications Addressing and Reporting System (ACARS) – used to deliver messages between aircraft and controllers over radio and satellite – is also open and insecure, Teso found.

By using ADS-B to pick the airliner he wanted to attack and ACARS to identify the type of computer aboard the plane, Teso was able to craft malicious messages that could be used to control the plane with the help of the SIMON framework implanted in the flight management system.

Teso deliberately coded the SIMON malware so that it only works on virtual aircraft and cannot be used on real ones.

However, Teso added that the framework is nearly impossible to detect once deployed in the flight management system and it can be used to upload flight plans, issue specific commands and more.

The researcher also said that the attack only works while the plane is on auto-pilot, not while it is under manual control.

This story originally appeared on SCMagazine.com.au.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.