An FBI agent's claim that a hacker may have exploited weaknesses aboard more than a dozen commercial flights, including sending commands to a jet engine in mid-air, has sparked new worries over the safety and cybersecurity of the nation's passenger planes.
The hacker, a security researcher, said the FBI misinterpreted him, and jetmakers and security experts have cast doubt on claims that he was able to control a flight. But the episode has added to a mounting sense of vulnerability ahead of what's expected to be the busiest summer for air travel in years.
The FBI investigation comes one month after more than 50 American Airlines flights were delayed due to a bug in a critical iPad flight-navigation app that pilots could fix only by nudging closer to an airport's Wi-Fi.
And it comes only two months after the deadly crash of a Germanwings jet in the French Alps, caused by a co-pilot who locked the captain out of the cockpit and began the descent, killing all 150 people on board. Despite that tragedy and the cyber scares, air travel has never been safer — 20 commercial flights crashed last year, making it one of the safest in aviation history.
But a new wave of technology is raising questions about security for an industry that has long kept a tight grip on information flowing among pilots, air-traffic controllers and top officials..
The aviation industry's "previously centralized and controlled culture," said Tim Erlin, a director at security software firm Tripwire, "is being forced to deal with the basic, but prevalent, security issues more open systems have been confronting for years."
In an application last month for a search warrant, an FBI agent said researcher Chris Roberts had used a simple plug, installed beneath the seats of many commercial planes, to tap into in-flight entertainment systems up to 20 times since 2011.
From there, according to the FBI, Roberts said he was able to change code on a plane's internal computers and even command a plane to climb and fly sideways. Roberts last month got agents' attention by tweeting that he might "start playing" with his jet's controls.
Roberts defended the tweet as a joke riffing off his previous warnings to jetmakers Airbus and Boeing over their planes' security flaws, which he said could leave control systems for the plane's cabin and oxygen mask systems open to attack. "My only interest has been to improve aircraft security," he tweeted Sunday.
But other aviation and security experts said the claims, of tapping into flight controls via a seat outlet, stretched the imagination, because entertainment and crucial flight systems are often kept separate. Hacking a plane's engine controls through its entertainment system, they argue, is a bit like controlling a car's steering wheel through its CD player.
Jetmakers defended their security against worries of a fleet-wide flaw. In Boeing jets, entertainment systems are kept separate from flight and navigation, pilots have multiple navigational systems at their disposal, and the jet's flight plan can't change without pilot approval, Boeing spokesman Doug Alder said.
"On every flight, there are multiple layers of security and procedures in place to protect passengers and crew," said Victoria Day, a spokesperson for Airlines for America, the industry's trade group.
But the industry came under fire in a Government Accountability Office report last month, which said that in-flight Wi-Fi networks on some Boeing and Airbus planes could allow an attacker to commandeer a flight.
Cockpit electronics connect to the same networks as the passenger cabin, and the firewalls that divide them can, as cybersecurity experts told the watchdog, "be hacked like any other software and circumvented."
Security experts like Christopher Soghoian, who in 2006 built a tool exploiting an airline weakness by allowing people to print fake boarding passes, poked back at the industry itself, saying it had sacrificed security when it made features like the under-seat port, designed for entertainment systems, easily available to anyone.
"In order to show video ads to passengers," Soghoian tweeted, "airlines placed an easy to access 'hack this plane' data port under every seat."
Some of air travel's biggest tech headaches have arisen from the same hazards troubling other industries. About 10,000 frequent flyers of American and United airlines were told in January their accounts had been compromised by hackers who booked themselves free or upgraded flights.
Air miles and loyalty programs have become easy targets for hackers, analysts said, because they often lack the security controls protecting credit cards, checking accounts and other forms of currency.
But the industry's tech problems have also challenged the basic safety measures of commercial flight, including last month, when dozens of American Airlines pilots were stranded on the runway after the iPad app that gives them their flight plans crashed.
The airline had in 2013 turned to the app as an alternative to heavy bags of paper maps, saying the switch would allow for quicker updates, take weight off pilots and even save $1 million a year in fuel. But the glitch showed the risk of too much tablet dependence, especially because the airline didn't carry backup paper terminal charts in its cockpits.
To counter technical problems, United Airlines this month launched the industry's first "bug bounty," offering free airline miles to hackers who alert the carrier to vulnerabilities in its website, app and reservations system.
But security researchers said the airline stopped short of preventing the most damage, by saying it would not accept submissions detailing weaknesses in planes' onboard Wi-Fi, entertainment systems and flight electronics.
Years of bankruptcies and megamergers have left fewer airlines to compete over a growing traveler base, and some analysts have argued the air carriers have been slow to implement important upgrades.
But some airlines are "starting to see that messy operations are very expensive," said Seth Kaplan, a managing partner for trade publication Airline Weekly.
"When you invest money wisely in tech, and not just a blank check, you get this virtuous cycle where you don't have as many delays, you're not losing as many bags" — and passengers feel more confident to step on the plane.
The Washington Post
Tue May 19 2015
The FBI investigation comes one month after more than 50 American Airlines flights were delayed due to a bug in a critical iPad flight-navigation app that pilots could fix only by nudging closer to an airport's Wi-Fi.
Former special forces commander Prabowo to take up Indonesian presidency
Indonesia's Prabowo Subianto will take over as president of the world's third-largest democracy after sweeping the country's election with policies like free meals for school children
Who is Prabowo Subianto, incoming president of Indonesia?
A wealthy ex-general with ties to Indonesia's popular outgoing president and its dictatorial past, looks set to be its next leader.
Trump says he would impose tariffs on China if China went into Taiwan
Republican presidential candidate Donald Trump said he would impose additional tariffs on China if China were to "go into Taiwan,"
Iran's supreme leader says Hamas leader's death will not halt 'Axis of Resistance'
The "Axis of Resistance", built up with years of Iranian support, includes Hamas, the Lebanese Hezbollah group, the Houthi movement in Yemen, and various Shi'ite groups in Iraq and Syria.
Putin says Russia willing to seek compromises between Iran and Israel
Russia is ready to help seek compromises between arch-foes Israel and Iran, President Vladimir Putin said on Friday, saying these would be difficult but possible.
What proposals will Russia push at the BRICS summit?
The proposal is also to establish a BRICS reinsurance company to allow uninterrupted shipment of goods and key commodities between members.
Indonesia's free meals plan in the spotlight as Prabowo readies for office
Prabowo calls the programme one of the main drivers of economic growth, eventually set to add an estimated 2.5 million jobs.
Astro AWANI's revamped English news website, AWANI International, launches on Oct 21
Astro AWANI's revamped English platform delivers in-depth global news and expert analysis to keep you informed on key developments.
Israeli strikes kill 33 people in Jabalia refugee camp in Gaza, medics say
Residents of Jabalia said Israeli tanks had reached the heart of the camp after pushing through suburbs and residential districts.
Liam Payne's ex-partner calls for media restraint after 'painful' death
Cheryl Tweedy used her statement to urge the media to remember they had a seven-year-old son, Bear, who could read the reports.
Analysts: Indonesia's strong MoF leadership team to boost investor confidence
Sri Mulyani Indrawati as head of Indonesia's Ministry of Finance is expected to instil confidence among investors.
Biden offers both a carrot and a stick to Israel as his term nears an end
Israel has frequently resisted US advice and has caused political difficulties for the Biden administration.
Putin says BRICS will generate most of global economic growth
Russian President Vladimir Putin will host a summit of the group in the city of Kazan on Oct. 22-24.
ISIS Malaysia's perspective of Budget 2025
An excellent rakyat-centric budget under the overarching principle of a caring and humane economy.
Budget 2025: Record increase in STR, SARA aid initiatives
The government will provide a significant boost to the Sumbangan Tunai Rahmah (STR) and Sumbangan Asas Rahmah (SARA) initiatives next year.
Budget 2025: EPF contributions to be made mandatory for foreign workers – PM Anwar
The government plans to make it compulsory for all non-citizen workers to contribute to the Employees Provident Fund (EPF).
What policies to expect from Indonesia's new President Prabowo
Prabowo will be open to foreign investment, his aide has said, such as by offering investors management of airports and sea ports.
Budget 2025: Govt allocates RM470 mil to empower women's participation in PMKS
The Women's Leadership Apprenticeship Program will be intensified as an effort to produce more female corporate personalities.
Israel sends more troops into north Gaza, deepens raid
Residents of Jabalia in northern Gaza said Israeli tanks had reached the heart of the camp, using heavy air and ground fire.
Indonesia ramps up security ahead of Prabowo's inauguration
Prabowo Subianto will be sworn in as Indonesia's president on Sunday with Vice President-elect, Gibran Rakabuming Raka, also taking office.