Nov. 26, 2014   34°F   School Closings
Listen Live WCPN / WCLV
ideastream
Mission 4
Values 1
Values 2
Values 3
Vision 3
Vision 4
Vision 5
Values 4
Values 5
Values 6
Vision 1
Vision 2

Choose a station:

90.3 WCPN
WCLV 104.9
WVIZ/PBS

Choose a station:

90.3 WCPN
WCLV 104.9
WVIZ/PBS

Hacker Says He Can Break Into Airplane Systems Using In-Flight Wi-Fi

Posted: August 4, 2014

Share on Facebook Share Share on Twitter Tweet

Two years ago, a group at Las Vegas' annual hacker convention said it could break into air traffic control systems. This year a session will show how a passenger can hack a plane while in the air.

Cybersecurity researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their Wi-Fi and in-flight entertainment systems.

Cybersecurity researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their Wi-Fi and in-flight entertainment systems. Andrea Comas

Two years ago, a group at Las Vegas' annual hacker convention announced it could break into air traffic control systems.

At this year's Black Hat convention, a cybersecurity consultant, Ruben Santamarta, will discuss how he went even further: by showing it's possible to interfere with an airplane's navigation and safety systems — while on the plane and in the air — using the plane's own Wi-Fi and in-flight entertainment systems. As Reuters reports:

"Santamarta published a 25-page research report in April that detailed what he said were multiple bugs in firmware used in satellite communications equipment made by Cobham, Harris, Hughes, Iridium and Japan Radio Co for a wide variety of industries, including aerospace, military, maritime transportation, energy and communications.

"The report laid out scenarios by which hackers could launch attacks, though it did not provide the level of technical details that Santamarta said he will disclose at Black Hat."

The manufacturers say the risk of break-ins is very small, but, according to Reuters, Santamarta says simple steps can be taken to make the systems more secure: "One vulnerability that Santamarta said he found in equipment from all five manufacturers was the use of 'hardcoded' log-in credentials, which are designed to let service technicians access any piece of equipment with the same login and password."

Other topics on tap for the Black Hat convention this week include an ad network data link that can let hackers take over Android phones; how Microsoft administrator tools can be used for nefarious purposes; uncorrected security gaps during desktop computers' boot-up processes; and the potential threat of hacks in computers' USB peripherals.

Chris Hopkins is a digital editor at NPR. His favorite in-flight entertainment is Delta Air Lines' trivia game that pits passengers against one another. @chopkinsmedia

Copyright 2014 NPR. To see more, visit http://www.npr.org/.

Tags

All Tech Considered

Leave a Comment

Please follow our community discussion rules when composing your comments.