Thursday, June 7, 2018

US Government: Hacking commercial jets "only a matter of time"

Hard to argue with this:
US government researchers believe it is only a matter of time before a cybersecurity breach on an airline occurs, according to government documents obtained by Motherboard. The comment was included in a recent presentation talking about efforts to uncover vulnerabilities in widely used commercial aircraft, building on research in which a Department of Homeland Security (DHS) team successfully remotely hacked a Boeing 737.
If DHS is working on this - penetration testing combined with working with the vendors on a fix - then this is really good news.
The documents, which include internal presentations and risk assessments, indicate researchers working on behalf of the DHS may have already conducted another test against an aircraft. They also show what the US government anticipates would happen after an aircraft hack, and how planes still in use have little or no cybersecurity protections in place.
I'm not opposed to looking for security holes.  In general, everything is vulnerable, especially if nobody has spent much time on looking for the holes.  What disturbs me is when people refuse to look, or make fixes when someone else looked.

This program seems to be pointed in the right direction.  It gets ugly when an airliner's computers go haywire.

5 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. I've heard stories that there have been attacks against the onboard WiFi systems that got access to the Flight Management Systems.

    Whoever designed that, without a physical air gap between the two that CAN NOT be bridged, needs to have their head left on a pike as a message to the others.

    (My career-long joke about what they should do to me if I did something stupid).

    ReplyDelete
  3. OT: Hope my post on Navy SWO raining didn't disappoint.

    ReplyDelete
  4. Graybeard, the good news is that it looks like real analysis is being done. This seems like people are serious.

    Comrade, it did (as always). You have a take on these situations that is unusually valuable.

    ReplyDelete

Remember your manners when you post. Anonymous comments are not allowed because of the plague of spam comments.