Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Security Researcher Accused of Hacking a Plane in Mid-Flight

by Fox Van Allen on May 18, 2015

Pilots in plane cockpit using tabletA few weeks ago here on Techlicious, we discussed how a large number of passenger airplanes are vulnerable to hacking through their in-flight entertainment systems. We didn’t have any proof at the time that the vulnerability had been exploited. But a newly discovered FBI search warrant application reveals that security researcher Chris Roberts stands accused of hacking an April 2015 United Airlines flight and at least a dozen more since 2011.

According to the warrant, Roberts physically accessed the plane’s network by attaching a Cat6 ethernet cable to the Seat Electronics Box located under a seat in each row on the plane. He signed on to the network using default IDs and passwords, and then used the connection to access the plane’s varied electronics systems. Roberts has bragged about using this connection, at one time, to commandeer the plane.

“(Roberts) stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” writes FBI Special Agent Mark Hurley in the warrant application. “He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.”

On April 15, 2015, Roberts posted a number of messages to social network Twitter suggesting he was actively accessing a plane’s electronics systems. A warrant was then filed and Roberts was met on the plane and detained by FBI agents. Charges have yet to be filed.

Naturally, Roberts’ alleged actions have drawn a massive amount of criticism from fellow security experts for endangering his fellow passengers. But questions remain as to whether he was really able to hack a plane mid-flight. Plane manufacturer Boeing says that the described hack is impossible, as its entertainment system is “isolated from flight and navigation systems.” Roberts says much of what he told the FBI has been taken out of context, and that he only ran a simulation of a hack.

Either way, it appears there’s a clear need for airplane manufacturers and operators to improve their computers’ security – it’s incredibly irresponsible to leave these systems accessible by default usernames and passwords. At the same time, it’s even more irresponsible for a security researcher to access plane flight controls without permission during their normal operation. We only hope that the attention being brought to this issue will lead to more responsible security practices from all involved in the future.

[Pilots in cockpit with tablet via Shutterstock] 


Topics

Travel, News, Computers and Software, Travel & Entertainment, Blog


Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.