Air raid warning: what hackers can actually do with modern aircrafts?

Recent report by US GAO was treated by medias as “Modern aircrafts can be hacked and commandeered through onboard Wi-Fi”. Is it really that bad?

Recently the United States Government Accountability Office published a report warning the Federal Aviation Administration that aviation faces cybersecurity challenges in “at least three areas”, including the protection of aircraft avionics used to operate and guide aircrafts. The media interpreted this warning to mean, “Modern aircrafts can be hacked and commandeered through onboard Wi-Fi”. But, is it really that bad?

Air raid warning: what hackers can actually do with modern aircraft?

We have a detailed statement made by Andrey Nikishin, Head of Future Technology Projects at Kaspersky Lab, on this controversial topic:

“As a fairly frequent flyer, I had mixed feelings about the news that modern planes can be hacked. Readers who are not familiar with how modern planes operate might get the impression that an intruder with a laptop can easily seize full control of a plane. In reality, that isn’t quite the case.

A modern passenger plane has multiple computer networks, and those networks share data of differing levels of importance, transferring the necessary information between them. The most important network is AFDX, which is dedicated to transmitting avionics data (i.e., data used to control the plane). This is an isolated bus, which is not connected to Wi-Fi or the onboard entertainment network. On ADFX, signals are always transmitted over wired connections only.

At the same time, there is another network, Information Management On-Board, which covers less important functions, such as monitoring the state of the plane’s various systems, weather data etc., as well as passenger Wi-Fi connections. The passenger network is isolated from other functions by a firewall. The article discussed the possibility of breaking though that firewall and getting into the Information Management network.

In other words, the safety-critical network is ultimately isolated from the Info Management network and nobody can just go ahead and hijack the plane’s operations via a computer. At the same time, at least in theory, an attacker might succeed in influencing the data coming from the health monitor, navigation or weather report systems.

Naturally, this would require familiarity with the relevant protocols and an understanding of the data formats involved. As far back as 2008, Boeing was warned that a passenger Wi-Fi network should not be physically connected to the plane’s internal networks. The manufacturer promised to fix this issue and, apparently, found an easy fix – that is, installed a firewall.

I believe, however, that the problem lies much deeper: we cannot use old technologies in the modern connected world and hope that nobody will hack them simply because it is difficult and expensive. It is high time to bring the communication protocols used in aviation up to date and in line with today’s realities. This is a process that should have started yesterday rather than today. Clearly, upgrading planes will be expensive – but new systems can and should be designed to meet today’s and tomorrow’s needs and requirements”.