Researcher: Aircraft communication system to be hacked

A security researcher claims that satellite communications systems on aircraft could be hacked, possibly via inflight entertainment systems and onboard Wi-Fi. The makers of the systems themselves put the findings into perspective.

Security researcher Ruben Santamarta of IOActive tells Reuters this. One of the vulnerabilities is that with one system the passwords are stored hard-coded in the firmware, and therefore cannot be changed. Santamarta will reveal his findings later this week at the Black Hat security conference in Las Vegas.

In theory, an attacker could manipulate satellite traffic in this way, which could also have consequences for the navigation and safety systems on board. The Cobham company, whose Aviation 700 communication system is said to be vulnerable, puts Santamarta’s findings into perspective; although the system would indeed be vulnerable, it would require physical access to the device to exploit the vulnerabilities. According to Cobham, the most serious thing that can happen is to cut off the satellite link.

The developer is said to have come to his conclusions by reverse engineering communication systems from multiple manufacturers. He notes that he has not field-tested his research, and that it may be difficult to replicate his research in the real world. Nevertheless, he states that the security problems pose a danger and that he wants to encourage manufacturers to take action with his presentation.

Last year, the Spanish researcher and pilot Hugo Teso also found vulnerabilities in communication systems in aircraft. Through an outdated communication system that does not support security or authentication, it would be possible, for example, to manipulate the autopilot or cause the aircraft to crash.