14 DAY TRIAL // A private alert from the FBI and TSA (Transportation Security Administration) advises airlines to pay attention to passengers attempting to hack into the systems of the aircraft.
The warning comes after researcher Chris Roberts, known for exploring airplane networks in search of vulnerabilities, joked in a tweet last week about tampering with the engine-indicating and crew-alerting system (EICAS) of a Boeing carrying him to Syracuse, New York.
As a result of the ill-advised humorous message, the researcher spent some hours with the FBI upon landing, giving explanations. In the end, his electronic devices (encrypted) were seized by the law enforcement officers.
Checking passenger behavior and network logs recommended
FBI’s warning, posted on its InfraGard website and intended as a private industry notification (PIN), was obtained by Wired, who says that the two organizations take seriously the claims that hacking the cabin network system (in-flight entertainment systems, passenger Wi-Fi) could lead to compromising the avionics system in the cockpit.
According to the warning, the flight crew should pay attention to suspicious actions from passengers, such as connecting unknown cables to the in-flight entertainment system or to seat areas not intended for public access.
Also, signs of forced access to network ports, weird behavior of aviation wireless signals or threatening messages on social media regarding sensitive onboard network systems should be reported.
Another measure recommended by the FBI is analyzing the network logs of the aircraft in search of scanning activity and intrusion attempts.
Certain conditions required for potential in-flight hacking
At the moment, proof that someone actually gained access to avionics system in-flight has yet to emerge and the claims are theoretical.
However, in a report from GAO (US Government Accountability Office) on the cybersecurity risks of IP connectivity, security experts said that “if the cabin systems connect to the cockpit avionics systems (e.g., share the same physical wiring harness or router) and use the same networking platform, in this case IP, a user could subvert the firewall and access the cockpit avionics system from the cabin.”
Then again, researchers have demonstrated that the flight control systems can be accessed via the in-flight entertainment system, although such an operation would require strong technical background, as well as special tools, Chris Roberts told Reuters.