Security expert said he accessed plane controls mid-flight

  • By Carolyn Thompson Associated Press
  • Monday, May 18, 2015 8:54pm
  • Business

A security researcher told federal agents he was able to hack into aircraft computer systems mid-flight numerous times through the in-flight entertainment systems, and at one point he caused a plane he was on to move sideways, according to an FBI agent’s affidavit.

Although the claims are still being investigated, the airline involved, United, cast doubt on whether it was possible to control an airplane through the entertainment system, while other experts said such cyber threats should be taken seriously given that airplanes are increasingly connected to the Internet.

The researcher, Chris Roberts, was questioned upon his arrival at the Syracuse, New York, airport April 15. He had suggested on Twitter while on a United Airlines flight from Chicago that he could get the oxygen masks to deploy or interfere with the cockpit’s alert systems, according to the court filing in support of a search warrant for Roberts’ laptop and other electronics.

Roberts founded One World Labs, which tries to discover security risks before they are exploited. He had met previously, in February and March, with the FBI to discuss vulnerabilities with in-flight entertainment systems aboard certain aircraft, the affidavit said. During the meetings, Roberts claimed to have compromised the systems 15 to 20 times between 2011 and 2014, using a cable to connect his laptop to an electronics box located beneath passenger seats, the document said.

“He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” the affidavit said.

Roberts declined to comment Monday when reached at his Denver, Colorado, office. In a statement issued through his attorney, he said his “only interest has been to improve aircraft safety.”

“Given the current situation, I’ve been advised against saying more,” said the statement provided by Nate Cardozo, a staff attorney with the San Francisco-based Electronic Frontier Foundation.

A report by the U.S. Government Accountability Office last month said some commercial aircraft may be vulnerable to hacking over their onboard wireless networks.

“Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems,” the report said.

The fact that passengers on flights with in-seat video monitors can shift between television and a map showing the plane’s real-time location indicates a link between the flight control and passenger entertainment networks, said Steven Bellovin, a computer science professor at Columbia University. And airplanes that offer Wi-Fi are likely using the same data link used by pilots to communicate with the airline, he said.

“Now the question is, what is the form of isolation between the passenger network and everything else?” Bellovin said. “There is some kind of linkage but there are different ways to do this — really securely and not particularly securely, and I have no way of knowing which has actually been done here.”

After stopping Roberts from continuing on from Syracuse to California following his FBI interview last month, the airline cited Roberts’ “claims regarding manipulating aircraft systems.”

“However, we are confident our flight control systems could not be accessed through techniques he described,” spokesman Rahsaan Johnson told The Associated Press.

In a statement, a Boeing spokesman said in-flight entertainment systems on airliners are isolated from flight and navigation systems.

Pilots have more than one navigation system, spokesman Alder said. “No changes to the flight plans loaded into the airplane systems can take place without pilot review and approval,” he said, declining to discuss specific design features for security reasons.

Tim Erlin, director of IT security and risk strategy at the cybersecurity firm Tripwire, said it’s possible that systems are connected in some aircraft and not in others.

“There are many different types of aircraft in service, with varying levels of technology from different time periods,” Erlin said via email. “If a system was installed well before these kinds of attacks and tools were conceived of, there would have been no reason not to connect them, and it might have been perceived as extra cost and complexity to keep them separate.”

Talk to us

> Give us your news tips.

> Send us a letter to the editor.

> More Herald contact information.

More in Business

Simreet Dhaliwal speaks after winning during the 2024 Snohomish County Emerging Leaders Awards Presentation on Wednesday, April 17, 2024, in Everett, Washington. (Ryan Berry / The Herald)
Simreet Dhaliwal wins The Herald’s 2024 Emerging Leaders Award

Dhaliwal, an economic development and tourism specialist, was one of 12 finalists for the award celebrating young leaders in Snohomish County.

Lynnwood
New Jersey company acquires Lynnwood Land Rover dealership

Land Rover Seattle, now Land Rover Lynnwood, has been purchased by Holman, a 100-year-old company.

Szabella Psaztor is an Emerging Leader. (Olivia Vanni / The Herald)
Szabella Pasztor: Change begins at a grassroots level

As development director at Farmer Frog, Pasztor supports social justice, equity and community empowerment.

Owner and founder of Moe's Coffee in Arlington Kaitlyn Davis poses for a photo at the Everett Herald on March 22, 2024 in Everett, Washington. (Annie Barker / The Herald)
Kaitlyn Davis: Bringing economic vitality to Arlington

More than just coffee, Davis has created community gathering spaces where all can feel welcome.

Simreet Dhaliwal is an Emerging Leader. (Olivia Vanni / The Herald)
Simreet Dhaliwal: A deep-seated commitment to justice

The Snohomish County tourism and economic specialist is determined to steer change and make a meaningful impact.

Nathanael Engen, founder of Black Forest Mushrooms, an Everett gourmet mushroom growing operation is an Emerging Leader. (Olivia Vanni / The Herald)
Nathanael Engen: Growing and sharing gourmet mushrooms

More than just providing nutritious food, the owner of Black Forest Mushrooms aims to uplift and educate the community.

Emerging Leader John Michael Graves. (Ryan Berry / The Herald)
John Michael Graves: Champion for diversity and inclusion

Graves leads training sessions on Israel, Jewish history and the Holocaust and identifying antisemitic hate crimes.

Gracelynn Shibayama, the events coordinator at the Edmonds Center for the Arts, is an Emerging Leader. (Olivia Vanni / The Herald)
Gracelynn Shibayama: Connecting people through the arts and culture

The Edmonds Center for the Arts coordinator strives to create a more connected and empathetic community.

Eric Jimenez, a supervisor at Cocoon House, is an Emerging Leader. (Olivia Vanni / The Herald)
Eric Jimenez: Team player and advocate for youth

As an advocate for the Latino community, sharing and preserving its traditions is central to Jimenez’ identity.

Molbak's Garden + Home in Woodinville, Washington closed on Jan. 28 2024. (Photo courtesy of Molbak's)
Molbak’s, former Woodinville garden store, hopes for a comeback

Molbak’s wants to create a “hub” for retailers and community groups at its former Woodinville store. But first it must raise $2.5 million.

DJ Lockwood, a Unit Director at the Arlington Boys & Girls Club, is an Emerging Leader. (Olivia Vanni / The Herald)
DJ Lockwood: Helping the community care for its kids

As director of the Arlington Boys & Girls Club, Lockwood has extended the club’s programs to more locations and more kids.

Alex Tadio, the admissions director at WSU Everett, is an Emerging Leader. (Olivia Vanni / The Herald)
Alex Tadio: A passion for education and equality

As admissions director at WSU Everett, he hopes to give more local students the chance to attend college.

Support local journalism

If you value local news, make a gift now to support the trusted journalism you get in The Daily Herald. Donations processed in this system are not tax deductible.