Aircraft Hacking: Hacker uses Android phone to remotely hijack aircraft in flight

“The Hack in the Box security conference in Amsterdam has a very interesting lineup of talks,” Darlene Storm reports for Computerworld. “One that jumped out was the Aircraft Hacking: Practical Aero Series presented by Hugo Teso, a security consultant at n.runs in Germany.”

Strom reports, “According to the abstract, ‘This presentation will be a practical demonstration on how to remotely attack and take full control of an aircraft, exposing some of the results of my three years research on the aviation security field. The attack performed will follow the classical methodology, divided in discovery, information gathering, exploitation and post-exploitation phases. The complete attack will be accomplished remotely, without needing physical access to the target aircraft at any time, and a testing laboratory will be used to attack virtual airplanes systems.'”

“Once he was into the airplane’s computer, he was able to manipulate the steering of a Boeing jet while the aircraft was in ‘autopilot’ mode. The only countermeasure available to pilots, if they even realized they were being hacked, would be to turn off autopilot. Yet many planes no longer have old analog instruments for manual flying. Teso said he could take control of most all airplane systems; he could even cause the plane to crash by setting it on a collision course with another plane. He could also give the passengers a serious adrenaline rush by making the oxygen masks drop down,” Strom reports. “Teso used his Samsung Galaxy and a specially crafted app called PlaneSploit to demonstrate how to hack an airplane’s computer. Crime Site also showed a quick clip of the hack. And no, PlaneSploit is not going to be available to the masses to hijack planes with their Android devices.”

Read more in the full article here.

[Thanks to MacDailyNews Readers “Fred Mertz” and “Lynn Weiler” for the heads up.]

MacDailyNews Take: No Fragmandroid Apple knockoff devices allowed past airport security checkpoints in 3… 2…

😉

108 Comments

          1. Melvin, are you familiar with The Fourth Amendment (Amendment IV) to the United States Constitution, the part of the Bill of Rights which guards against unreasonable searches and seizures, along with requiring any warrant to be judicially sanctioned and supported by probable cause?

            …perhaps being illegally groped by the TSA is the highlight of your social life.

        1. I am deeply concerned about our nation and where it is headed. Based on my concerns, some would call me a “gun nut”, a conspiracy theorist, a radical Liberal, a radical Conservative, or maybe just a nut. What I truly am is a radical Constitutionalist, and I’m afraid we could be in the process of losing this nation, its freedoms, and its future.

          First let us examine in a holistic way what is going on in this nation at the moment. We have been carrying on a war on terrorism for over 10 years now at a cost of $80B per year. That war effort has resulted in the creation of the DHS and TSA, the Patriot Act, the NDAA, and the recent purchase of enough ammunition by DHS to shoot every person in America 5 times. We now have warrantless searches and interception of American citizen’s private communications, and secretly approved searches and interception of private communications of American citizen’s. The President has been granted the power to assassinate American citizens overseas on his own authorization, while the same aerial drones used in those assassinations overseas have been authorized for “reconnaissance” purposes within the United States. Bid specifications for drones to be used within the United States include a requirement for “weapons delivery capability”. DHS, in addition to billions of rounds of ammunition, has ordered thousands of “personal protection” weapons, better known when in civilian hands not as “personal protection” weapons, but as “assault” weapons, while at the same time the most powerful attempts in history are being made to disarm the populace, and militarize the domestic police forces.

          It seems very strange to me that the very same people who worry that their personal safety is threatened by their next door neighbor owning guns are seemingly unconcerned about these much greater dangers.

          Each and every safeguard afforded us by the Bill of Rights is being quickly limited, eroded, and negated:

          The 1st Amendment is being limited through efforts at criminalizing “terrorist” and “hate” speech. The 2nd Amendment is being dismantled through the banning of certain weapons and accessory types from civilian possession. In both cases the same tactic is used, a special class of speech or weapon is carved out and then sliced off.

          The NDAA and the Patriot Act negate the protections in the 4th , 5th, 6th, and 7th Amendments, allowing such clear violations of the Constitution as indefinite detainment without charges, warrantless searches, secret warrants and indictments, denial of a fair and speedy trial by jury, and the right to confront accusers and refute evidence.

          The federal government continues to use the commerce clause disingenuously to bypass the 10th amendment and usurp powers reserved by the Constitution for the individual states.

          Those of us who look around and make note of all of these things recognize that all of the tools are rapidly falling into place that would enable a despotic administration to declare a national emergency and effectively suspend the Constitution, and with it our rights as citizens indefinitely. But if we voice our fears along these lines we are then declared to be speaking from the lunatic fringe. We are marginalized, discredited, and ridiculed by people who ought to know better, but have a pathological need to believe that all is well and that there is nothing to fear. They would have us believe that the world is a benign place, where none of these protections would ever be needed anyway. Their need to do so arises from a deep, unarticulated fear that if they admit to the possibility that these protections are necessary, they might have to actually think about possible unpleasant outcomes, and the possibility that they might have to stand up and defend these rights. They prefer to irrationally believe that America is different, and will continue to be different from all the other great empires, which have eventually fallen into ruin and despotism. They prefer not to contemplate the depth of evil to which powerful politicians, bureaucrats, and military officers are prone to sink without strong prohibitions concerning the exercise of raw power.

          I am afraid for this nation. You can call me paranoid if it makes you feel better. But it doesn’t negate the facts. Look around you. Wake up!

            1. We all suffer for the mistakes of the US. On his first election, GWB opted to travel outside of the US for the second time in his life to visit Mexico (“The United States ‘biggest’ trading partner”) without even knowing that the US trade with Canada far exceeds that of Mexico.

              GWB lead the US into becoming a further bully in the world with an attack on Iraq for “Weapons of mass destruction” which never were there.

            2. Sorry, I didn’t realize that I hit a sore point that you personally voted for George W. Bush TWO TIMES. Maybe if you get some rest you can type out something meaningful with your index fingers.

            3. Sometimes “foreigners” have a better perspective on U.S. actions than do U.S. citizens. It does no harm to give them fair consideration, at any rate. Besides, all our ancestors were “foreigners” to North America at some point. Even the Native Americans migrated from Asia, if the history that I was taught is still valid.

              If I am forced to listen to the drivel of citizen botvinnik, then I don’t see why inputs from anyone else should be suppressed on this forum.

            4. Iraq had weapons off mass destruction, they had already used chemical weapons on their own people, their troops had large amounts of biohazard suits when we went in there. They were actively pursuing nuclear which Iran is close to now.

              You can argue whether we should have dealt with the issue differently and make a decent case but to claim they did not have them is pure lunacy, and I frankly don’t understand that line of reasoning.

            5. You talk about it like it was a technicality.

              How do you rationalize the hundreds of thousand of lives that were lost over…a technicality???

              Maybe if you realized that one if your dear family could have been amongst the victims you might realize that this is not a mere partisan point.

            6. @botvinnik

              “wrong again, foreigner.”
              Unless your name is “Flies with Eagles” or something similar, you are a foreigner. A couple of generations doesn’t change that. Thus making your poisonous bigotry not only ugly but irrationally stupid.

              “stay.out.of.our.business do you not understand?”
              That’s laughable! The US is in the whole world’s business, whether invited or not. Which gives the whole world the right to be concerned about “your business”.

            7. #1) Ironic, considering many states in the US actually try to prevent Americans voting in American elections by creating obstructions to voter registration, introducing voter ID laws, playing around with voting locations, etc.

              #2) There are around 1000 US bases abroad in dozens of countries; maybe – before asking other people to STFU and stay out of US business – you should ensure your own country follows that piece of advice. Think of the money you’ll save.

            8. Y’ gotta wonder about someone who posts like this.

              What’s his purpose?
              – To persuade us to his viewpoint? Obviously not.
              – To engage in some kind of positive and interesting dialog? Obviously not.
              – To think about the ideas of others? Maybe even to learn something, occasionally? Obviously not.
              Why would someone bother saying anything at all to a bunch of people who he regards as morons? I have no idea. That, alone, is bizarre. (But it must be wonderful to so vehemently KNOW you have the 100% correct view on EVERYTHING.)

              It really is quite an interesting pathology.

              Nice work, pervs.
              YOUR American Gestapo at work:
              you have no idea.
              STFU and stay out of our business.
              what part of SHUT.THE.FUCK.UP.and.stay.out.of.our.business do you not understand?
              wrong again, foreigner.
              fuck you.
              and fuck you too.
              and fuck you three.
              can you not perform basic mathematics?
              you misspelled immigrant
              you are an idiot,
              you are also a blatant liar

            9. And neither are us Brits, but that didn’t stop our armed forces being dragged into an illegal war by your dimwit President, resulting in a great many needless deaths and mutilations of our servicemen and women, and even more among civilian non-combatants.
              But I guess you’re ok with that…

      1. Very disturbing to see a total lack of personal and professional discretion.

        we need to take a lesson from European and Israeli airport security proceedure and practice, which is implemented with courtesy discretion, intelligence and unobtrusive professionalism by professionally trained and qualified personel.

        Why doesn’t intelligent professional security discretion require like and kind peronel in the US? Probably because the bottom line here is money and TSA buffons get paid minimum wage or close…you don’t buy intelligent pros for minimum wage.

          1. Ridiculous. Fuel prices are a known variable in the aircraft business, but its not like the costs have suddenly spiked in the past couple of months. And the airlines have more than made up for it by increasing other fees, like baggage fees (which has reduced the number and weight of bags, thus saving fuel), charging for drinks and food, and adding fees for window or aisle seats, etc. etc.

        1. Must be a different “minimum wage” for TSA pervs..

          Transportation Security Officer – Hourly Average: $14.74/hr

          Transportation Security Officer – Average Salary: $34,952

          General Manager – Average Salary: $106,626

          1. And republikkans refuse to raise it.

            Point is that professional trained and qualified security personel need appropriate qualification that cannot be expected for any minimum wage ( or there abouts) salary.

            1. Y’all need to switch to decaf. No need for Apple fans to be hating on each other. Life is too short to be angry at another person over their point of view or opinion.

            2. can you not perform basic mathematics? The federally mandated minimum salary is $7.25/hr…the average hourly wage of a TSA screener is $14.74/hr…come on, Breeze, crunch those big ol’ numbers for me, I know you can do it.

            3. What about : “Point is that professional trained and qualified security personel need appropriate qualification that cannot be expected for any minimum wage ( or there abouts) salary.” Don’t you comprehend?

              Professional security agents cost real money.

            4. you are an idiot, this is the last time I will respond to you regarding this:

              What It Takes to be a Transportation Security Officer

              Once hired, officers:
              – Participate in more than 120 hours of classroom and on-the-job training before they ever screen a person or a bag;
              – Undergo a series of tests before receiving a work assignment;
              – Complete even more training if they are going to screen both passengers and baggage (More than half of our officers do this); and
              – Complete an annual certification process that includes more written tests, image interpretation tests, and a third party evaluation.

            5. Just like Apple’s there are high standards and a high bar to aspire to, which is what separates the men from the boys…

              Samsung also claims to have innovation and high professional standards and quality…but we all know that is a joke and couldn’t be further from the truth.

              When you have double standards and different measuring sticks, you have a market that compromises quality and caters to a dumbed down ignorant demographic. Sometimes it even gets away with the farce.

        1. Thought I’d log in just to say, “fuck you too!” to botvinnik.

          Your conservative troll shtick has no place on a computer blog. As an American, I am embarrassed by your behavior. As a human being, I can only say your continued vitriol and ad hominem attacks completely undermine any logical argument you try to make.

    1. This is my initial reaction.

      Yes, both cell phones and aircraft have signals in the UHF and L-bands. However, the bandwidths, modulations, interleaving, and forward error correction codes for those signals are completely different from each other. AND for cell phones all those aspects of the signals are hardwired into the communications chips in them.

      Changing the cell phone to be 100% interoperable with the wireless communications of commercial aircraft would, at the very least, require a completely programmable comms chip in the cell phone or a complete replacement of the comms chip in the cell phone with one that is 100% compatible with at least one RF waveform of the aircraft. (Currently no such chips exist that can fit within a cell phone.)

      AND this guy claims he did it with a “app” on the Android phone — strongly implying absolutely no physical changes to the cell phone.

      However, here is ONE option:
      Many commercial aircraft today have WiFi on them. IF (an extremely huge IF) the implementers of that WiFi system tied it into the network of computers on the aircraft itself (an unbelievably stupid thing to do) then it *might* be possible to use the on-board WiFi system to hack into the aircraft’s systems. While systems designers and implementers often do pretty stupid things, I find it difficult to believe that the implementers of the WiFi systems went through the added expense to integrate it into the on-board computer systems or that the aircraft owners would either pay for that additional integration or accept the risk of an access point opening up.

  1. I can see where remote wireless access to the aircraft would be beneficial – many reasons- maintenance data forwarding, remote control in emergencies. But you’d think encryption and passwords would be involved. I’m not sure this story is true. Sounds like a late April fool’s prank

  2. Not to understate the possibility of an attack, but there are usually two pilots on board and part of their job is to monitor the “health” of the system. If the pilots encounter what could be construed as aberrant behaviour, they will cut system functions until they regain control. They would also contact the nearest air traffic controller and report on the situation. I don’t think it would take too long to suss out the signature of the hackers and triangulate on their position. They might get away with it for a couple of times but God help them when they get caught.

    But, despite my faith in pilots, they are only human and my observations of most meatware systems is that they are generally only predictable in the aggregate – most people will do the expected. But as individuals, all bets are off. If one of these attacks does take place in real time, the press should have a field day with it.

  3. Err
    “No Fragmandroid Apple knockoff devices allowed past airport security checkpoints in 3… 2 ”

    What part of remote don’t you get? Th problem isn’t the phone but the aircraft systems if this story is to be believed. I suspect it might be like the water bomb BS that the insecurity folks like to tout to their Republican buddies.

  4. This article is pure fantasy. You can’t just hook up to an airplanes computer wirelessly, they use dedicated network lines for fly by wire (A664, A429, Ect..). The airplane has several computers with multiple processesors performing the same calculations and comparing results in lock step as a safety measure. If by a miracle someone faked a signal or gave instructions to a plane it would cause a fault and the autopilot would shut off automaticly. This guy is a liar!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.