Thursday, April 11, 2013

So can you really hijack a plane using your Android smartphone?

A bunch of you are pinging me on the presentation at the Amsterdam Hack In The Box conference on Airplane hacking:
An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android app has galvanized the crowd attending the Hack In The Box Conference in Amsterdam today.

...
Here are some of the functions Teso showed to the HITBSecConf Amsterdam audience:
  • Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane's course.
  • Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
  • Visit ground: Crash the airplane.
  • Kiss off: Remove itself from the system.
  • Be punckish: A theatric way of alerting the pilots that something is seriously wrong - lights start flashing and alarms start buzzing.
Color me skeptical.  I say that because I've personally dealt with n.runs before.  They're an interesting bunch, combining serious security/hacking skill with a flamboyant (perhaps over the top) showmanship streak.  This leads to very enjoyable presentations with lots of LULZ from the audience, but you have to read the fine print.

For example, they will talk about all the crazy stupid stuff they found in the design - they have several slides on this in the presentation (slides 10 and 12, for example).  Everyone guffaws.  What they don't say, however, is whether this can actually be exploited.

And this is the key to a lot of my skepticism - in my experience, n.runs hasn't been able to exploit most of the vulnerabilities they talk about.  That said, some of what they find is exploitable, and is very clever indeed.

So what does all this mean?  I'm not at all sure that I believe their most spectacular claims (cf. "Crash the airplane" above).  As a matter of fact, I don't believe it.  Nor do I believe that they can change the airplane's course.  I do believe that they can spoof messages sent to the pilot's message console (cf. "Be punkish" above).

Security researchers pay a lot of attention to reputation.  Some confuse reputation with notoriety in the Press.  n.runs falls into that second category.  I recommend a very large grain of salt for these claims, based on my experience with them in the past.  Your mileage man vary, void where prohibited, do not remove tag under penalty of law.

6 comments:

The Czar of Muscovy said...

I agree completely. I think they could do a lot of damage if the plane were unmanned; however, most pilots will notice discrepancies between the tinkered digital and untampered analog instruments that will not be susceptible to a hack. And how a hacker would penetrate a physically closed operating system requires intense skepticism (it's not like an autopilot responds to wireless LAN packets).

I suspect this is a media attention grab; expect some hysterical crying on Gizmodo, gullible reporting by AP, and a couple of movies in 2016 based on this claim. Planes aren't exactly on a shared data network that's easily exploited.

Old NFO said...

If it's an Airbus, it will do that all to itself... sigh

Jake (formerly Riposte3) said...

"how a hacker would penetrate a physically closed operating system requires intense skepticism"

A standalone hacker? Probably wouldn't happen. A terrorist? Considering how poorly they seem to screen airport workers and maintenance personnel, even a small cell gaining physical access to the necessary connections isn't that farfetched.

I also wonder how interconnected some of these systems are on some of the newer aircraft, especially ones like Airbuses where the computer can override the pilot (which is stupid anyway).

Anonymous said...

DO-178B defines aircraft software evaluation. Unless the airplane uses a generic operating system (extremely unlikely), the aircraft software will ignore all spurious data, and only accept information from valid sources.

It appears that they've proposed hacking the flight planning/in-flight management systems that provide data to the airplane on the ground and in-flight. Rather like hacking a SCADA system. Possible...

AAREN said...
This comment has been removed by a blog administrator.
The Czar of Muscovy said...

Azmrmacs, that's a very good consideration: it isn't the plane, but the ground systems that might be more vulnerable.

Jake, avionics, flight control, nav, etc., are all independent systems. It'd be like a passenger in your car hacking into your car's control systems to make it crash.

And the Airbus system was in response to a tendency among French pilots to do stupid things in the cockpit.

However, Old NFO is nevertheless correct...sigh.