© 2024 Kansas City Public Radio
NPR in Kansas City
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

Hacker Says He Can Break Into Airplane Systems Using In-Flight Wi-Fi

Cybersecurity researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their Wi-Fi and in-flight entertainment systems.
Andrea Comas
/
Reuters/Landov
Cybersecurity researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their Wi-Fi and in-flight entertainment systems.

Two years ago, a group at Las Vegas' annual hacker convention announced it could break into air traffic control systems.

At this year's Black Hat convention, a cybersecurity consultant, Ruben Santamarta, will discuss how he went even further: by showing it's possible to interfere with an airplane's navigation and safety systems — while on the plane and in the air — using the plane's own Wi-Fi and in-flight entertainment systems. As Reuters reports:

"Santamarta published a 25-page research report in April that detailed what he said were multiple bugs in firmware used in satellite communications equipment made by Cobham, Harris, Hughes, Iridium and Japan Radio Co for a wide variety of industries, including aerospace, military, maritime transportation, energy and communications.

"The report laid out scenarios by which hackers could launch attacks, though it did not provide the level of technical details that Santamarta said he will disclose at Black Hat."

The manufacturers say the risk of break-ins is very small, but, according to Reuters, Santamarta says simple steps can be taken to make the systems more secure: "One vulnerability that Santamarta said he found in equipment from all five manufacturers was the use of 'hardcoded' log-in credentials, which are designed to let service technicians access any piece of equipment with the same login and password."

Other topics on tap for the Black Hat convention this week include an ad network data link that can let hackers take over Android phones; how Microsoft administrator tools can be used for nefarious purposes; uncorrected security gaps during desktop computers' boot-up processes; and the potential threat of hacks in computers' USB peripherals.

Chris Hopkins is a digital editor at NPR. His favorite in-flight entertainment is Delta Air Lines' trivia game that pits passengers against one another. @chopkinsmedia

Copyright 2020 NPR. To see more, visit https://www.npr.org.

KCUR prides ourselves on bringing local journalism to the public without a paywall — ever.

Our reporting will always be free for you to read. But it's not free to produce.

As a nonprofit, we rely on your donations to keep operating and trying new things. If you value our work, consider becoming a member.