Did you ever imagine that a simple smartphone app could become a deadly instrument used to hijack a plane? As impossible as it may sound, know that the necessary software has already been developed.
An experienced IT specialist, security analyst and commercial pilot, Hugo Teso created the app in order to expose the flaws and vulnerabilities of aircraft computers, further revealing that some systems don’t have any kind of security measures in place.
The Android application, called PlaneSploit, would allow a possible attacker to hijack an airplane’s onboard computer and take over its controls remotely. At a recent security conference, Teso demonstrated how the software works, by taking control of a virtual Boeing jet in autopilot mode. Such an attack could be thwarted by switching the aircraft to manual mode, but most modern systems are no longer provided with this option.
In the simulation, Teso used the software to change the speed, direction and altitude of an airplane via radio signals. This particular vulnerability is owed to the fact airplane security systems are not provided with the necessary methods of authentication to identify whether the commands come from legitimate sources.
But it seems we shouldn’t be too worried yet. If you’re thinking of never getting on a plane again, know that the software was specifically developed to work only with virtual aircraft systems, not on an actual airplane. The Federal Aviation Administration also insisted that the hacking approach used by Teso does not actually pose a threat, as it would never work on certified flight software.
However, most experts believe the vulnerabilities exposed via PlaneSploit need to be fixed as soon as possible, before someone comes up with software that would actually work to hijack a real plane’s computer system. Teso has already contacted aviation officials in Europe and the U.S. to inform them of the security holes, which he says can be easily patched, especially in modern flight systems.
[Image via Sosickwithit]