Worrying news for travelers: A new report from the U.S. government is warning that the onboard computers used in some of the nation’s most popular passenger aircraft are vulnerable to hacking via in-flight Wi-Fi networks.
Specifically, the U.S. Government Accountability Office (GAO) singles out the Boeing 787 Dreamliner, Airbus A350 and Airbus A380 aircraft as being at risk due to their cockpits sharing the same Wi-Fi network used by their passengers. If they’re able to bypass the network’s firewall, an attacker could upload malware to cabin computers, take over the navigation system and commandeer the aircraft, all from an ordinary laptop. It is not known whether the GAO has actually tested and confirmed these vulnerabilities.
There is some good news in the report. Modern aircraft do have a number of redundant control mechanisms built in which could allow a pilot to override a hacking attempt. Aircraft that predate the 1990s, meanwhile, typically do not feature significant integration with the Internet, which lowers their risk of attack, the study’s author says.
News of the planes’ vulnerabilities has sent shockwaves through the nation’s capitol. “This report exposed a real and serious threat – cyberattacks on an aircraft in flight,” said Rep. Peter DeFazio, an Oregon Democrat who serves as the ranking member of the House Commerce Committee. “(The Federal Aviation Administration) must focus on aircraft certification standards that would prevent a terrorist with a laptop in the cabin or on the ground from taking control of an airplane through the passenger Wi-Fi system. That’s a serious vulnerability.”
For its part, the FAA says it has already launched a program to improve cyber protections in the National Airspace System infrastructure. “(The FAA) recognizes that cyberbased threats to federal information systems are becoming a more significant risk and are rapidly evolving and increasingly difficult to detect and defend against,” the agency wrote in response to the GAO. “We take this risk very seriously.”
In August of 2014, security researcher Ruben Santamarta warned that airplane satellite communications systems were similarly vulnerable to hacking through in-flight Wi-Fi. Satellite communications companies replied to that warning, stating that the danger for compromise is “very small.”
[Pilot in airplane cockpit via Shutterstock]