Black Hat 2014: Flight Instruments vulnerable via WiFi?

sys-02The Black Hat conference dedicated to computer security is generally used for specialized researchers to more alarming as each other on the risk of the most diverse hacking revelations. The 2014 edition is no exception to the rule. Thus, it was revealed that no less than 2 billion smartphones currently in use are afflicted with a backdoor. Secret access implemented by the operators, but potentially exploitable by hackers. Other ads shock, multiple vulnerabilities communication systems embedded in commercial devices satellites. Hack flight instruments would potentially possible via WiFi access in flight.

The plane becomes a connected object as another

Toute compagnie aérienne moderne, ici Virgin Australia, doit offrir un accès Internet Wi-Fi à ses clients, et donc mettre à leur disposition une connexion Satcom. (Photo : Robert Frola / Wikimedia Commons)

Toute compagnie aérienne moderne, ici Virgin Australia, doit offrir un Any modern airline, Virgin Australia here should provide Wi-Fi to its customers, and thus provide them with a Satcom connection. Its antenna is visible on the back of the device. (Photo: Robert Frola / Wikimedia Commons)

No doubt Ruben Santamarta presentation entitled “Satcom Terminals: Hacking by Air, Sea and Land,” which must have league today will be one of the most followed by the media this year. A hacker takes control away from a plane, which inspire more of a Hollywood screenwriter. A scenario not totally removed from reality as communication systems appraised by the researcher have security vulnerabilities coarse. Security settings hardcoded in the firmware, no secure protocols, backdoors, satellite communications systems (SATCOM) not marketed Harris, Hughes, Cobham, JRC and Iridium are far from presenting an acceptable level of security when we know that these systems deliver a high-speed passenger cabin, but also access to the cockpit. According to Ruben Santamarta, quoted by Reuters, these flaws could allow an attacker to use the wireless Internet access aircraft or the in-flight entertainment system to cut satellite communications from the aircraft and potentially disrupt his flight instruments. Polled by Reuters, suppliers challenged by Ruben Santamarta recognize flaws in their equipment, but emphasize the risk of low piracy. Cobham, a hacker may have access to flight instruments via its equipment and, in addition, the attacker must have physical access to the equipment to conduct the attack. An argument of the relative protection of ground equipment often used by professional aviation but, at all connected, will be less and less sufficient to guarantee the security of embedded devices.

Translation : Google Translate

Sources :

“Hacker says to show passenger jets at risk of cyber attack”, Reuters, august 4, 2014
“A Wake-up Call for SATCOM Security”, Technical White paper from Ruben Santamarta,
2014

Commentaires Facebook
Twitter Facebook Plusone Pinterest Linkedin
This entry was posted in Aéronautique, Logiciel embarqué and tagged , . Bookmark the permalink.