In-flight Wi-Fi could be used by terrorists or other hackers to take control of an aircraft’s avionic systems, US authorities have warned.
The US Government Accountability Office (GAO) says avionic systems that have traditionally been self-contained are now sharing the same network as passenger Wi-Fi, raising the possibility of remote unauthorised access.
The findings were disclosed in a report commissioned to review the Federal Aviation Authority (FAA)’s cybersecurity efforts and included contributions from a number of security experts.
“Firewalls protect avionics systems located in the cockpit from intrusion by cabin system users, such as passengers who use in-flight entertainment services on board. Four cybersecurity experts with whom we spoke discussed firewall vulnerabilities, and all four said that because firewalls are software components, they could be hacked like any other software and circumvented.
“The experts said that if the cabin systems connect to the cockpit avionics systems (e.g., share the same physical wiring harness or router) and use the same networking platform, in this case IP, a user could subvert the firewall and access the cockpit avionics system from the cabin.”
Because avionic systems had previously been considered immune to outside threats, the FAA’s security processes focused on component failure and ensuring only trusted insiders, such as pilots, had access.
The GAO said the FAA is aware of the new threat and is to adjust its aircraft security measures to mitigate any perceived threat. Experts say that although the threat shouldn’t be underestimated, users should exercise the same caution as if they were using any other type of public Wi-Fi.
“While it is true that firewalls could be potentially bypassed by those with ill intent, we have to remember that aircraft systems are built with safety in mind,” said Jovi Umawing, malware intelligence analyst at Malwarebytes. “These systems, which we deem life- or safety-critical, have redundancies in place to lessen the chances of tragic outcomes should they be compromised. As the GAO report does not clearly elaborate if this new threat via cabin Wi-Fi takes into account such systems, we can’t know for sure if an attack like this would be successful.
Air travel has long been considered the final refuge of those wishing to avoid phone calls, text messages and the Internet, but this sanctuary is slowly being eroded as more airlines offer in-flight Wi-Fi.
A number of US carriers and Australia’s Qantas have offered connections for some time, while British Airways is set to offer Internet to passengers through a new S-band satellite called Europsat, which will go live in 2016 with the intent of serving the European aviation market.
Virgin Atlantic already offers high speed connectivity on some transatlantic flights from Europe after the Branson-branded airline agreed a deal with Gogo late last year.
Think you know your transport tech? Find out with our quiz!
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…