A cybersecurity expert claims he can drive the airplane while onboard. The FBI said this expert was able to hack into the inflight entertainment while onboard and was able to make the plane fly sideways.
How could this happen? Can airplanes be hacked?
Security researcher Chris Roberts was pulled off a United Airlines flight on April 15th by FBI agents after tweeting “find myself on a 737/800, let’s see BOX-IFE-ICE-SATCOM? Shall we start playing with EICAS messages. ‘Pass oxygen on’ anyone. :)”
The abbreviations he tweeted.. “IFE” stands for inflight entertainment system, and “EICAS” refers to the engine indicator crew alert system.
Roberts in two series of questioning sessions with FBI admitted to access the box under a passenger aircraft seat and accessing the flight controls causing a command to increase thrust to one of the aircraft engines making the aircraft climb and move sideways. Roberts says he has warned airlines and aircraft manufacturers to the vulnerabilities of the inflight entertainment boxes being able to access flight controls but said they did not take him seriously.
Previously, Roberts reported that he had been studying how to hack an aircraft on flights from 2011 to 2015. But that he only simulated the ability to command flight controls from a lab-simulator he built after recording how aircraft commands are issued.
Roberts is not the only researcher claiming to be able to control an aircraft. Security consultant Hugo Teso, who is also a pilot, claims he created an app called PlaneSploit. The Android built app would allow him to hijack an aircraft by hacking into the aircraft communications addressing and reporting system (ACARS). The FAA has said it is aware of his technique and says it poses no threat to commercial airline systems.
Newer aircraft such as the Boeing 787 Dreamliner, Airbus a350 and a380 share a single network onboard that connects flight deck controls and passenger entertainment in the back could pose greater risk.
Airlines were recently sent an internal security alert advising flight crews to be on alert for anyone accessing the under seat entertainment boxes.
Unrelated to hacking an aircraft, United Airlines has taken a progressive step announcing it will award up to 1 million miles to a hacker who can find security flaws in its network. This does not apply to onboard systems.