Story 2015-05-17

Security researcher controlled passenger jet via inflight entertainment system

by
in security on (#96BP)
story imageChris Roberts, a security researcher with One World Labs, who has been issuing warnings about vulnerabilities in inflight entertainment systems for years, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system on an airplane and overwrote code on the plane's Thrust Management Computer while aboard the flight. "He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights," FBI Special Agent Mark Hurley wrote in his warrant application. "He also stated that he used Vortex software after comprising/exploiting or 'hacking' the airplane's networks. He used the software to monitor traffic from the cockpit system."

"We believe Roberts had the ability and the willingness to use the equipment then with him to access or attempt to access the (inflight entertainment system) and possibly the flight control systems on any aircraft equipped with an (inflight entertainment system) and it would endanger the public safety to allow him to leave the Syracuse airport that evening with that equipment," sates the warrant application. Roberts has not yet been charged with any crime. The allegations contained in the search warrant application have not been proven in court.

Shortly after the incident with Roberts, Wired reported that the TSA and the F.B.I. issued a bulletin to airlines to be on the lookout for passengers showing signs they may be trying to hack into an airplane's Wi-Fi or inflight entertainment system. Wired also reported that the U.S. Government Accountability Office issued a report warning that electronic systems on some planes may be vulnerable to hacking.