Moderators: jsumali2, richierich, ua900, PanAm_DC10, hOMSaR

 
MD95sOverATL
Topic Author
Posts: 52
Joined: Fri Mar 27, 2015 5:32 pm

Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 3:22 pm

This is a story posted on Ars today, originally from Wired UK.

This sounds like a lot of fearmongering nonsense to me, but I'm not an aviation expert. Systems like GoGo are completely isolated from aircraft avionics and control surfaces, aren't they? There's no way that these systems "share the same wires", as the article states. (not to mention how is someone hacking the WiFi going to interrupt flight controls on something relatively non-electronic like an MD-80?)

My background is IT, and even in the most basic of networks, we airgap mission critical servers from the outside world. I assume aircraft is the same, right?

http://arstechnica.com/security/2015...t-wi-fi-is-direct-link-to-hackers/
EMB120, EMB145, CRJ200, MD88, MD90, 717, 737, 757, 777, A319, A321
 
motif1
Posts: 281
Joined: Fri Sep 23, 2005 3:31 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 6:34 pm

Quoting MD95sOverATL (Thread starter):
There's no way that these systems "share the same wires", as the article states.

i was shocked to read that they rely on firewalls and that the networks are not completely isolated. I also think that the news is relevant to modern aircraft - not an MD-80 with an added WIFI. Can't believe that's true!

M1
Not only is this incomprehensible but the ink is ugly and the paper is from the wrong kind of tree
 
User avatar
Siren
Posts: 775
Joined: Sun Aug 20, 2006 6:50 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 7:08 pm

Well, IF one of these WiFi installations were stupid enough to put their communications gear on the same internal Ethernet (that's what the planes are using these days!), then yes, there's potential for hacking - theoretically.

Now, theory and application are a long way apart - but the A380 for instance - it's all run on IP with an internal Ethernet as I understand it. If these WiFi systems were connected to the plane in such a way that they weren't completely physically separated - then the potential exists for a hack.

The expertise needed to develop a hack for airplane avionics is beyond that of any run of the mill hacker - you'd need a sovereign state or very large company to back the hack, to put the R&D into it, the team of people needed to figure out how to illicitly gain access to these avionics - think of a development effort similar to Stuxnet, which was developed as a worm with specific code to alter the function of the Siemens developed centrifuges Iran was using for Uranium enrichment...

So, while there may be a theoretical threat, a practical application is nearly impossible - especially for anyone who would have an actual motive to hack a plane... to what end, exactly? I can't imagine hacking a plane as beneficial to anyone aboard, short of trying to crash the plane for a terrorist act. And I highly doubt that a crew would sit placidly by while some hacker in the cabin tries to ram their plane into whatever it is they want to... it would be relatively easy to stop, and regain control of the plane.

It's a pie in the sky abstraction - the actual risk of hacking a plane in flight. It's not something that is practical, or feasible short of the investment of millions of dollars and thousands of man-hours of R&D. I might also add that my background is in IT and software engineering - I dismiss this whole notion of hacking a plane as sensationalism at its finest.

[Edited 2015-04-15 12:13:38]
 
motif1
Posts: 281
Joined: Fri Sep 23, 2005 3:31 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 7:20 pm

Quoting Siren (Reply 2):
I can't imagine hacking a plane as beneficial to anyone aboard,

Unless you are hacking from the ground by going through a device that is on board and connected to the WIFI ... again in the realm of Holywood ...
Not only is this incomprehensible but the ink is ugly and the paper is from the wrong kind of tree
 
roseflyer
Posts: 9602
Joined: Fri Feb 13, 2004 9:34 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 7:52 pm

The article is based on a big assumption:

"The experts said that if the cabin systems connect to the cockpit avionics systems (e.g., share the same physical wiring harness or router) and use the same networking platform, in this case IP, a user could subvert the firewall and access the cockpit avionics system from the cabin,"

The problem is that they are not connected. The IFE systems are not connected to avionics. There are separate networks on the airplane. On the most advanced airplane like the 787, the cabin network is independent from the controls and indications in the flight deck. The most a hacker can do is interfere with the cabin attendant panel and do things like change the temperature of the airplane, adjust lighting, disrupt the IFE, etc.

For various reasons the flight control system of the airplane is completely separated from everything else. Flight controls even use different wires and have a third layer of redundancy. Indications are also controlled separately. Unless someone sneaks into the electronics bay, they aren't going to get access to any of the flight controls. Even then, the boxes don't have magic ethernet plugs in them to allow someone to hack them. Replicating a control system by unplugging connectors and rewiring everything is outrageously complicated.
If you have never designed an airplane part before, let the real designers do the work!
 
namezero111111
Posts: 139
Joined: Thu Mar 20, 2014 7:05 pm

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 7:52 pm

Quoting Siren (Reply 2):

I'm sure there are some zero day exploits in these systems, and iif they are on the same ethernet, it could be done.
However, I agree with your notion that pulling this off would be a bit of a tall order.

Then again, who knows what actually happened to MH370... Not saying that they got hacked, but just that they could have been.
 
KELPkid
Posts: 5247
Joined: Wed Nov 02, 2005 5:33 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 8:06 pm

Quoting Roseflyer (Reply 4):
The problem is that they are not connected. The IFE systems are not connected to avionics. There are separate networks on the airplane. On the most advanced airplane like the 787, the cabin network is independent from the controls and indications in the flight deck. The most a hacker can do is interfere with the cabin attendant panel and do things like change the temperature of the airplane, adjust lighting, disrupt the IFE, etc.

Boeing actually proposed doing just that on the 787 (to save weight), but the FAA denied them flat on that request. And I'm of the opinion that the FAA made the right move there  
Celebrating the birth of KELPkidJR on August 5, 2009 :-)
 
User avatar
Siren
Posts: 775
Joined: Sun Aug 20, 2006 6:50 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 8:11 pm

Quoting namezero111111 (Reply 5):
Then again, who knows what actually happened to MH370

I doubt we'll ever know. My bet is that we'll find 9M-MRO around the same time that Amelia Earhart's Lockheed Electra turns up...

But hacking a 777 would be even harder... I'm not 100% certain, but I'm pretty sure that the plane's avionics suite predates the use of IP for interfacing with each other's systems. These sorts of hacks are really only within the realm of the very latest and greatest planes - with the most advanced flight deck gear - the A380 and A350 would definitely be vulnerable. I don't know how the 787 is wired up, but it's potentially an issue....
 
seat64k
Posts: 612
Joined: Fri Mar 14, 2014 11:48 pm

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 8:14 pm

Quoting MD95sOverATL (Thread starter):
My background is IT, and even in the most basic of networks, we airgap mission critical servers from the outside world. I assume aircraft is the same, right?

We assumed this about cars too....
 
29erUSA187
Posts: 1277
Joined: Mon Apr 14, 2014 11:34 pm

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 8:18 pm

Quoting Siren (Reply 7):
I doubt we'll ever know. My bet is that we'll find 9M-MRO around the same time that Amelia Earhart's Lockheed Electra turns up...

But didnt some one find some form of a trace of either her or her plane in the pacific?
 
KELPkid
Posts: 5247
Joined: Wed Nov 02, 2005 5:33 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 8:19 pm

Quoting Siren (Reply 7):
But hacking a 777 would be even harder... I'm not 100% certain, but I'm pretty sure that the plane's avionics suite predates the use of IP for interfacing with each other's systems. These sorts of hacks are really only within the realm of the very latest and greatest planes - with the most advanced flight deck gear - the A380 and A350 would definitely be vulnerable. I don't know how the 787 is wired up, but it's potentially an issue....

   http://en.wikipedia.org/wiki/ARINC

The 777 uses arinc 629, which unfortunately doesn't have its own Wiki page...

Newer aircraft (so far, A350 and B787) use ARINC 664:

http://en.wikipedia.org/wiki/Avionics_Full-Duplex_Switched_Ethernet
Celebrating the birth of KELPkidJR on August 5, 2009 :-)
 
S75752
Posts: 1470
Joined: Sat Apr 05, 2014 6:38 pm

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 9:50 pm

Wasn't there a story in the news about a hobbyist a few years ago who was able to effectively interfere with and manipulate onboard navigation and other system using a phone and a receiver/transmitter? I think he did it using publicly available avionics to test with and other off the shelf things, as well as some programs he coded himself. He turned everything over to the FAA to investigate and patch vulnerabilities.

That said, with the price of all the avionics and other parts in an aircraft it's kind of insane to think that they use anything off the shelf or publicly available for quite a few reasons, including the necessity of very specifically engineered parts.

That however is much different from hacking in to stuff via the wifi. The more obvious concern would be other users information being stolen - the only potential that'd come to mind is maybe in flight transactions being packet sniffed or stolen through the wifi.

To the IT experts here, there is a curiosity I've had for a while. Is it possible to create a network in which computers on the network are able to talk to the ethernet and the net beyond, but are completely unable to see other computers on the network? Like, set up in such a way where computers are simply not visible to eachother on the same network?
 
opethfan
Posts: 940
Joined: Mon Dec 31, 2012 6:35 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 10:19 pm

Quoting S75752 (Reply 11):
To the IT experts here, there is a curiosity I've had for a while. Is it possible to create a network in which computers on the network are able to talk to the ethernet and the net beyond, but are completely unable to see other computers on the network? Like, set up in such a way where computers are simply not visible to eachother on the same network?

I'd guess VLANs could handle that. That's usually what they're there for. A retail establishment may use one firewall but have 2 VLANs - one for the POS and another for the WiFi hotspot.

As for this issue: I'm with OP - you airgap anything sensitive. If someone can circumvent or use electric interference to bypass that, then they've already got the skills, knowledge, and capability to pwn you.
 
User avatar
Siren
Posts: 775
Joined: Sun Aug 20, 2006 6:50 am

RE: Wired: In-flight WiFi Vulnerable To Hackers

Wed Apr 15, 2015 10:22 pm

Quoting S75752 (Reply 11):
To the IT experts here, there is a curiosity I've had for a while. Is it possible to create a network in which computers on the network are able to talk to the ethernet and the net beyond, but are completely unable to see other computers on the network? Like, set up in such a way where computers are simply not visible to eachother on the same network?

Totally, and it's done regularly in large corporate networks - the concept of VLANs was pretty much created for this purpose.

http://en.wikipedia.org/wiki/Virtual_LAN

Basically in the switching gear, you'd set up certain areas to talk to one another in their own virtual LAN - you can't easily get traffic across that, it needs to be routed via IP - you can't discover other machines/nodes on the network outside of your VLAN. You'd have to hack the switch before you could even see other equipment.

I, for one, would be astonished if, even if IFE and WiFi are interconnected on the plane's systems, that they wouldn't be using basic security, and on a different VLAN. This is network engineering 101 stuff... to have the plane's systems discoverable and able to route to and talk to a node or device on the plane's WiFi or within the IFE system would be a dramatic failure of design, and basic information technology operations... that said, I've seen my share of utterly stupid design decisions in the IT world in my career... so, it's not beyond the realm of possibility, with the level of incompetence I've run across in this life...

Popular Searches On Airliners.net

Top Photos of Last:   24 Hours  •  48 Hours  •  7 Days  •  30 Days  •  180 Days  •  365 Days  •  All Time

Military Aircraft Every type from fighters to helicopters from air forces around the globe

Classic Airliners Props and jets from the good old days

Flight Decks Views from inside the cockpit

Aircraft Cabins Passenger cabin shots showing seat arrangements as well as cargo aircraft interior

Cargo Aircraft Pictures of great freighter aircraft

Government Aircraft Aircraft flying government officials

Helicopters Our large helicopter section. Both military and civil versions

Blimps / Airships Everything from the Goodyear blimp to the Zeppelin

Night Photos Beautiful shots taken while the sun is below the horizon

Accidents Accident, incident and crash related photos

Air to Air Photos taken by airborne photographers of airborne aircraft

Special Paint Schemes Aircraft painted in beautiful and original liveries

Airport Overviews Airport overviews from the air or ground

Tails and Winglets Tail and Winglet closeups with beautiful airline logos