When flying on a business trip or on vacation, have you ever wondered how safe it is in the modern world of digital threats? Some modern aircraft are called computers with wings, the level of penetration of computer technology is so high. How are they protected from hacks? What can pilots do in this case? What other systems could be at risk? The current pilot, the captain of a Boeing 737 with more than 10 flight hours, spoke about this on his MenTour Pilot channel.
So, hacking the plane's systems. In recent years, this problem has become more and more urgent. As aircraft become more computerized and the amount of data exchanged between them and ground services increases, so does the likelihood of attack attempts by intruders. Aircraft manufacturers have known about this for more than a year, but earlier this information was not particularly heard by us, the pilots. However, it seems that these issues have been resolved at the corporate level.
What do you hear there?
Back in 2015, the US Department of Homeland Security published a report that they managed to hack into the systems of their own Boeing 757 while it was on the ground. The hack used widely available tools that could be smuggled through security controls. Penetration succeeded through the radio system. Naturally, they did not say which systems they managed to hack. In fact, they said nothing at all, except that they managed to gain access to the plane.
Also in 2017, there was a post from independent hacker Ruben Santamarta. He reported that by building a small transceiver and placing an antenna in the yard, he was able to penetrate the entertainment systems of the aircraft flying over him.
All this brings us to the fact that there is still some danger. So what can hackers access and what can't they? To understand this, let's first understand how aircraft computer systems work. The first thing to note is that the most modern aircraft are also the most computerized. On-board computers carry out almost all operations from positioning control surfaces (rudders, slats, flaps ...) to sending flight information.
But it should be understood that aircraft manufacturers are well aware of this design feature of modern aircraft, therefore they have incorporated cybersecurity into their design. Therefore, the systems that you access on the back of the seat in front of you and the systems that control the flight are completely separated. They are physically separated in space, separated by infrastructure, they use different systems, different programming languages ββ- in general, really completely. This is done so that there is no way to access control systems through the on-board entertainment system. So on modern aircraft this cannot be a problem. Boeing, Airbus, Embraer are well aware of this threat and are constantly working to stay one step ahead of the hackers.
Translator's note: there were reports that the developers of the Boeing 787 still wanted to combine these systems physically and make a virtual separation of networks. This would save weight (onboard servers) and reduce cabling. However, the regulatory authorities refused to accept such a concept and forced to maintain the "tradition" of physical separation.
The overall picture looks a little worse if we take the entire spectrum of aircraft. The duration of the operation of the aircraft reaches 20-30 years. And if we look back at the computer technologies of 20-30 years ago, they will be completely different. It's almost like seeing dinosaurs walking around. So on aircraft like the 737 that I fly, or the Airbus 320, of course, there will be computer systems that have not been so carefully designed to resist hackers and cyber attacks. But there is also a bright side - they were not as computerized and integrated as modern machines. So the systems we have on the 737 (I can't talk about Airbus because I'm not familiar with them) are basically for giving us navigation data. We do not have . On our 737s, the helm is still connected to the control surfaces. So yes, attackers may have the ability to influence the updating of our navigation systems, for example, but we would notice this very quickly.
We fly the aircraft not only on the basis of on-board GPS, we also use traditional navigation systems, we constantly check data from various sources. In addition to GPS, these are also ground beacons and their distances. We have a system on board called the IRS. In fact, these are laser gyroscopes that receive data in real time and compare them with GPS. So if suddenly something goes wrong with one of the systems available for attack, we will notice it very quickly and switch to another.
Onboard systems
What other potential attack targets come to mind? The first and most obvious is the in-flight entertainment system. In some airlines, it is through it that you buy access to Wi-Fi, order food, etc. Also, Wi-Fi itself on board can be the target of intruders, in this respect it can be compared with any public hotspot. You probably know that if you use public networks without a VPN, it is possible to get your data - personal data, photos, saved Wi-Fi passwords, as well as any other passwords, bank card data, and so on. It will not be difficult for an experienced cracker to get to this information.
The built-in entertainment system itself is different in this regard, because. is an independent set of hardware components. And these computers, I want to remind you once again, are in no way connected and do not interact with the control systems of the aircraft. However, this does not mean that hacking the entertainment system cannot create serious problems. For example, an attacker can potentially send notifications to absolutely all passengers in the cabin, informing, for example, that the aircraft has been seized. This will create panic. Or notifications about problems with the aircraft, or any other disinformation. It will certainly be shocking and terrifying, but it will not be dangerous in any way. When such a possibility potentially exists, manufacturers take all possible measures, installing firewalls and the necessary protocols to prevent such problems.
So, perhaps the most vulnerable are the in-flight entertainment system and Wi-Fi. However, Wi-Fi is usually provided by an external operator and not by the airline itself. And it is he who takes care of the cybersecurity of the service he provides.
The next thing that comes to my mind is pilot flight tablets. When I first started flying, all our manuals were paper. For example, an operation manual with all the rules, necessary procedures, a navigation manual with routes in the air in case we forget them, navigation and approach charts in the airport area, maps of airports - everything was in paper form. And if something changed, it was necessary to find the right page, tear it out, replace it with an updated one, make a note that it was replaced. In general, a lot of work. So when we started getting flight pads, it was amazing. With one click, all this could be quickly downloaded, with all the latest updates, at any time. At the same time, you could get weather forecasts, new flight plans - everything can be sent to the tablet.
But. Every time you connect somewhere, there is the potential for a third party to infiltrate. Airlines are aware of the situation, as are aviation authorities. That is why we are not allowed to do everything electronically. We must have paper flight plans (however, this requirement varies by airline) and we must have a backup copy of them. In addition, under no circumstances may we install anything other than airline-approved and authorized applications on the tablet. Some airlines use iPads, some use specially designed devices for this purpose (both options have pros and cons). In any case, this is all strictly controlled, and pilots can in no way interfere with the operation of the tablets. This is the first. Secondly, we are forbidden to connect them to anything when we are in the air. We (at least at my airline) can't connect to the in-flight Wi-Fi after takeoff. We can't even use the iPad's built-in GPS receiver. As soon as we close the doors, we switch the tablets to airplane mode, and from that moment on, there should be no options for interfering with their work.
If someone somehow disrupts or interferes with the entire network of the airline, we will notice it after connecting on the ground. And then we can go to the crew room at the airport, print out paper diagrams and rely on them in flight. If something happens to one of the tablets, we have a second one. In the worst case, if both tablets are not working, we have all the data necessary for the flight in the on-board computer. As you can see, this question uses a triple reinsurance in solving the same problem.
The next possible options are on-board monitoring and control systems. For example, the previously mentioned navigation system and flight control system. Again, I can't say anything about other manufacturers, only the 737 that I fly myself. And in his case, from a computerized one - a navigation database containing, as the name implies, navigation information, databases of the earth's surface. They may be subject to some changes. For example, when updating the on-board computer software by an engineer, a modified or corrupted file may be loaded. But this will quickly surface, because. The plane is constantly checking itself. For example, if the engine fails, we see it. In this case, we, of course, do not take off and ask the engineers to check.
On any failure, we will receive a warning signal that some data or signals do not match. The aircraft constantly cross-checks different sources. So if after takeoff it turns out that the database is incorrect or corrupted, we will immediately know about it and switch to the so-called traditional methods of navigation.
Ground systems and services
The next is air traffic control and airports. Control services are based on the ground, and hacking them will be easier than hacking an aircraft moving in the air. If attackers, for example, in any way de-energize or turn off the radar of the navigation tower, it is possible to switch to the so-called procedural navigation and procedural separation of aircraft. This is a slower way to get planes to airports, so in busy harbors like London or Los Angeles, this will be a big problem. But ground services will still be able to stack aircraft at 1000-foot intervals. (approx. 300 meters), and as one board passes a certain point, direct the next to enter. And thus the airport will be filled with procedural means, and not with the help of radar.
If the hit is on the radio system, there is a backup. As well as a special international frequency, which can also be accessed. Or the aircraft may be transferred to another air traffic control unit, which will control the approach. There is redundancy in the system and alternative nodes and systems that can be used if one is attacked.
The same applies to airports. If an airport comes under attack and the intruders turn off, say, the navigation system or the runway lights, or anything else at the airport, we will immediately notice it. For example, if we can't contact them or set up the Auxiliary Navigation Instruments, we will see there is a problem, and our main flight display will show special flags that the instrument landing system is not working, or the navigation system is not working, in which case we'll just abort the entry. So this situation does not pose any danger. Of course, we will be annoyed, like you, if we are not where we flew. There is enough redundancy in the system, the aircraft has enough fuel reserves. And if this group of hackers did not attack the entire country or region, which is very, extremely difficult to do, there will be no danger to aircraft.
Something else?
That's probably all that comes to my mind regarding possible attacks. There was a message from an FBI cyber expert who stated that he was able to access the flight control computers using the entertainment system. According to him, he managed to βmoveβ the plane a little (his words, not mine), but this has never been confirmed, and no charges have been filed against this person. If he really did this (I donβt really understand why someone would do this while on the same plane), charges would be brought against him for endangering peopleβs lives. This allows me to think that these are most likely rumors and fabrications. And, as I said, according to the manufacturers, there is no physical possibility to connect from the on-board entertainment system to the control one.
And as I said at the beginning, if we, the pilots, noticed that some of the systems, for example, navigation, gives incorrect data, we would switch to using other sources of data - landmarks, laser gyroscopes, etc. If the control surfaces do not respond, there are options in the same 737. The autopilot can be easily disabled, in which case the computer should not affect the behavior of the aircraft in any way. And even if the hydraulics fail, the plane can still be controlled like a huge Tsesna with the help of cables physically connected to the steering wheel. So we always have options to control the aircraft, as long as it itself is not structurally damaged.
In conclusion, hacking an aircraft through GPS, radio channels, etc. theoretically possible, but it will require an incredible amount of work, a lot of planning, coordination of actions, a lot of equipment. And do not forget that depending on the altitude, the aircraft moves at a speed of 300 to 850 km/h.
And what do you know about possible attack vectors on aviation? Don't forget to share in the comments.
Some ads π
Thank you for staying with us. Do you like our articles? Want to see more interesting content? Support us by placing an order or recommending to friends, , a unique analogue of entry-level servers, which was invented by us for you: (available with RAID1 and RAID10, up to 24 cores and up to 40GB DDR4).
Dell R730xd 2 times cheaper in Equinix Tier IV data center in Amsterdam? Only here in the Netherlands! Dell R420 - 2x E5-2430 2.2Ghz 6C 128GB DDR3 2x960GB SSD 1Gbps 100TB - from $99! Read about
Source: habr.com