Hacker claims he made jet rise and go sideways

[Al Bhatti]

May 18, 2015

A screenshot from a One World Labs YouTube video showing Chris Roberts during a presentation

Chris Roberts told investigators he had accessed aeroplane computer systems “15 to 20” times since 2011.

Hacker claims he made jet rise and go sideways
Cyber security expert claims he overwrote the code on the plane’s Thrust Management Computer while on board a flight

A prominent hacker has told the FBI he managed to make an airliner “climb” and move “sideways” after infiltrating its in-flight entertainment system. The claim was made by Chris Roberts, founder of cybersecurity firm One World Labs, who was escorted from a United Airlines flight last month after sending in-air tweets bragging that he could deploy the oxygen masks.

His claim that he had affected the actual performance of the plane was made in an FBI affidavit applying for a warrant to search his computer, iPad and other electronic items after the tweeting incident.

The affidavit said that Roberts claimed to have hacked the in-flight entertainment system and overwritten the code on the plane’s Thrust Management Computer while on board a flight, allowing him to operate at least one aeroplane engine. He was not charged in relation to the claims.

“He stated that he successfully commanded the system he had accessed to issue the climb command,” the affidavit said. “He stated that he thereby caused one of the aeroplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights.

“He also stated that he used Vortex software after compromising/exploiting or ‘hacking’ the aeroplane’s networks. He used the software to monitor traffic from the cockpit system,” investigators wrote in the warrant that was first published by Canada’s APTN News.

Roberts told investigators he had accessed aeroplane computer systems “15 to 20” times since 2011, accessing the systems by attaching an Ethernet cable directly to the ‘Seat Electronic Box’, which can be found under some seats, according to Wired Magazine. The affidavit said Roberts had gained access by “wiggling and squeezing” the box under the seat in front of him, penetrating seat-back video systems by Panasonic and Thales which gained him access to other aeroplane systems.

It remains unclear if Roberts, well-known in the hacking world, really did manage to move the plane or simply believed that he had. Among the types of plane Roberts claimed to have hacked were the Boeing 737-800, 737-900, 757-200 and Airbus A320. He told investigators he provided the information “because he would like vulnerabilities to be fixed”.

However, he told ‘Wired’ that the excerpts in the FBI affidavit had given an incomplete picture. “That paragraph that’s in there is one paragraph out of a lot of discussions, so there is context that is obviously missing which obviously I can’t say anything about,” he said.

United Airlines last week launched a “bug bounty” programme offering up to a million free air-miles to “White Knight” hackers — friendly ones — who could uncover weaknesses in their corporate computer systems. However it specifically ruled out bounty for bugs uncovered on “on-board Wi-Fi, entertainment systems or avionics”.

Last month a report from the US Government Accountability Office warned of the vulnerability posed by in-flight entertainment systems. It called on the Federal Aviation Administration to address the flaw.

Hacker claims he made jet rise and go sideways | GulfNews.com

 

[Vassnti]

“He stated that he thereby caused one of the aeroplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights."

Strange i thought engines just provided power, control surfaces affect climb? Unless by mistake he was flying in a Harrier instead of and A320

 

[Al Bhatti]

May 19, 2015

Hacker’s jet control sparks flight safety worry
Timing of electronic attack on aircraft couldn’t come at a worse time

An FBI agent’s claim that a hacker may have exploited weaknesses aboard more than a dozen commercial flights, including sending commands to a jet engine in mid-air, has sparked new worries over the safety and cybersecurity of the nation’s passenger planes.

The hacker, a security researcher, said the FBI misinterpreted him, and jetmakers and security experts have cast doubt on claims that he was able to control a flight. But the episode has added to a mounting sense of vulnerability ahead of what’s expected to be the busiest summer for air travel in years.

The FBI investigation comes one month after more than 50 American Airlines flights were delayed due to a bug in a critical iPad flight-navigation app that pilots could fix only by nudging closer to an airport’s Wi-Fi.

And it comes only two months after the deadly crash of a Germanwings jet in the French Alps, caused by a co-pilot who locked the captain out of the cockpit and began the descent, killing all 150 people on board. Despite that tragedy and the cyber scares, air travel has never been safer — 20 commercial flights crashed last year, making it one of the safest in aviation history.

But a new wave of technology is raising questions about security for an industry that has long kept a tight grip on information flowing among pilots, air traffic controllers and top officials.

The aviation industry’s “previously centralised and controlled culture,” said Tim Erlin, a director at security software firm Tripwire, “is being forced to deal with the basic, but prevalent, security issues more open systems have been confronting for years.”

In an application last month for a search warrant, an FBI agent said researcher Chris Roberts had used a simple plug, installed beneath the seats of many commercial planes, to tap into in-flight entertainment systems up to 20 times since 2011.

From there, according to the FBI, Roberts said he was able to change code on a plane’s internal computers and even command a plane to climb and fly sideways. Roberts last month got agents’ attention by tweeting that he might “start playing” with his jet’s controls.

Roberts defended the tweet as a joke riffing off his previous warnings to jetmakers Airbus and Boeing over their planes’ security flaws, which he said could leave control systems for the plane’s cabin and oxygen mask systems open to attack. “My only interest has been to improve aircraft security,” he tweeted on Sunday.

But other aviation and security experts said the claims, of tapping into flight controls via a seat outlet, stretched the imagination, because entertainment and crucial flight systems are often kept separate. Hacking a plane’s engine controls through its entertainment system, they argue, is a bit like controlling a car’s steering wheel through its CD player.

Jetmakers defended their security against worries of a fleet-wide flaw. In Boeing jets, entertainment systems are kept separate from flight and navigation, pilots have multiple navigational systems at their disposal, and the jet’s flight plan can’t change without pilot approval, Boeing spokesman Doug Alder said.

“On every flight, there are multiple layers of security and procedures in place to protect passengers and crew,” said Victoria Day, a spokesperson for Airlines for America, the industry’s trade group.

But the industry came under fire in a Government Accountability Office report last month, which said that in-flight Wi-Fi networks on some Boeing and Airbus planes could allow an attacker to commandeer a flight.

Cockpit electronics connect to the same networks as the passenger cabin, and the firewalls that divide them can, as cybersecurity experts told the watchdog, “be hacked like any other software and circumvented.”

Security experts like Christopher Soghoian, who in 2006 built a tool exploiting an airline weakness by allowing people to print fake boarding passes, poked back at the industry itself, saying it had sacrificed security when it made features like the under-seat port, designed for entertainment systems, easily available to anyone.

“In order to show video ads to passengers,” Soghoian tweeted, “airlines placed an easy to access ‘hack this plane’ data port under every seat.”

Some of air travel’s biggest tech headaches have arisen from the same hazards troubling other industries. About 10,000 frequent flyers of American and United airlines were told in January their accounts had been compromised by hackers who booked themselves free or upgraded flights.

Hacker’s jet control sparks flight safety worry | GulfNews.com

 

[OrionHunter]

Nothing new! All American made passenger jets can be remotely controlled from the ground. This had been done during the 9/11 destruction of the Twin Towers.

System Planning Corporation is a Virginia based corporation that conducts research and produces electronics and computer software for the United States Department of Defense and other federal government agencies in the support of National security.

The SPC Corporation provids the flight termination system and command transmitter system, the technology that allows planes to be remote controlled should the pilots be incapacitated or the plane hijacked.

SPC is one of the Defense Advanced Research Projects Agency's largest support contractors. The company has supported DARPA virtually continuously since the company's founding. SPC provides systems engineering, technical analysis, and support services to most of DARPA's Technology Offices.

SPC also has a long involvement with the U.S. stealth program. SPC designed and fabricated one of the first specialized radar cross section measurement radars used to validate the low observable signatures of stealthy vehicles. SPC continues to produce RCS measurement systems, currently the MK V, which is now principally used by the U.S. to provide quality assurance for deployed aircraft and ships, including the B-2 bomber.

System Planning Corp can convert just about any aircraft that suits their purposes into a remote control variant and have it able to follow commands from the air or ground. An AWACS outfitted with the “DC” drone control gear could also be an excellent platform for RC.

 

[gambit]

“He stated that he thereby caused one of the aeroplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights."

Strange i thought engines just provided power, control surfaces affect climb? Unless by mistake he was flying in a Harrier instead of and A320

Somehow the in-flight entertainment system is hooked into the flight control systems to allow him to do that. Until we see any kind of technical admittance from Boeing and/or Airbus, we can call this -- bogus.