An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android app has galvanized the crowd attending the Hack In The Box Conference in Amsterdam today.Color me skeptical. I say that because I've personally dealt with n.runs before. They're an interesting bunch, combining serious security/hacking skill with a flamboyant (perhaps over the top) showmanship streak. This leads to very enjoyable presentations with lots of LULZ from the audience, but you have to read the fine print.
...Here are some of the functions Teso showed to the HITBSecConf Amsterdam audience:
- Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane's course.
- Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
- Visit ground: Crash the airplane.
- Kiss off: Remove itself from the system.
- Be punckish: A theatric way of alerting the pilots that something is seriously wrong - lights start flashing and alarms start buzzing.
For example, they will talk about all the crazy stupid stuff they found in the design - they have several slides on this in the presentation (slides 10 and 12, for example). Everyone guffaws. What they don't say, however, is whether this can actually be exploited.
And this is the key to a lot of my skepticism - in my experience, n.runs hasn't been able to exploit most of the vulnerabilities they talk about. That said, some of what they find is exploitable, and is very clever indeed.
So what does all this mean? I'm not at all sure that I believe their most spectacular claims (cf. "Crash the airplane" above). As a matter of fact, I don't believe it. Nor do I believe that they can change the airplane's course. I do believe that they can spoof messages sent to the pilot's message console (cf. "Be punkish" above).
Security researchers pay a lot of attention to reputation. Some confuse reputation with notoriety in the Press. n.runs falls into that second category. I recommend a very large grain of salt for these claims, based on my experience with them in the past. Your mileage man vary, void where prohibited, do not remove tag under penalty of law.
I agree completely. I think they could do a lot of damage if the plane were unmanned; however, most pilots will notice discrepancies between the tinkered digital and untampered analog instruments that will not be susceptible to a hack. And how a hacker would penetrate a physically closed operating system requires intense skepticism (it's not like an autopilot responds to wireless LAN packets).
ReplyDeleteI suspect this is a media attention grab; expect some hysterical crying on Gizmodo, gullible reporting by AP, and a couple of movies in 2016 based on this claim. Planes aren't exactly on a shared data network that's easily exploited.
If it's an Airbus, it will do that all to itself... sigh
ReplyDelete"how a hacker would penetrate a physically closed operating system requires intense skepticism"
ReplyDeleteA standalone hacker? Probably wouldn't happen. A terrorist? Considering how poorly they seem to screen airport workers and maintenance personnel, even a small cell gaining physical access to the necessary connections isn't that farfetched.
I also wonder how interconnected some of these systems are on some of the newer aircraft, especially ones like Airbuses where the computer can override the pilot (which is stupid anyway).
DO-178B defines aircraft software evaluation. Unless the airplane uses a generic operating system (extremely unlikely), the aircraft software will ignore all spurious data, and only accept information from valid sources.
ReplyDeleteIt appears that they've proposed hacking the flight planning/in-flight management systems that provide data to the airplane on the ground and in-flight. Rather like hacking a SCADA system. Possible...
This comment has been removed by a blog administrator.
ReplyDeleteAzmrmacs, that's a very good consideration: it isn't the plane, but the ground systems that might be more vulnerable.
ReplyDeleteJake, avionics, flight control, nav, etc., are all independent systems. It'd be like a passenger in your car hacking into your car's control systems to make it crash.
And the Airbus system was in response to a tendency among French pilots to do stupid things in the cockpit.
However, Old NFO is nevertheless correct...sigh.