Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Grey hats and blue skies, dealing with airline security

Vincenzo Marsden | Oct. 14, 2016
Airline security in the 21st century will have to address hacking and physical threats.

"He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system."

Roberts cannot currently comment on this issue, but has asserted on Twitter that his
"only interest has been to improve aircraft security. Given the current situation I’ve been advised against saying much."

The biggest threats to aviation security systems and airlines from cyber-terrorism and hackers in general are evolving with the implementations of new technologies within their systems.

"A cyberattack which is successful against air traffic control systems would be absolutely devastating and could easily result in the loss of lives, depending on what a hacker or cyber-terrorist was able to compromise and control," said Wenzler.

"There are also a lot of concerns around the increased use of in-flight wireless networks, both for internet access and for delivering entertainment to passengers at their seats. In some cases, it's been discovered that these systems are not isolated from the aircraft's controls and operation networks, which means a hacker could potentially take control of an aircraft or affect its flight operation."

Daniel Miessler, director of advisory services at IOActive, said that from a cyber-terrorism perspective, the biggest threats are likely in the form of disrupting active operation of aircraft, and of preventing air travel altogether in order to harm the economy.

"The first scenario is most dangerous but requires knowledge of potential aircraft vulnerabilities that can affect, disrupt or disable operation of an aircraft. These vulnerabilities, if they exist, would  require high skill levels to discover, keep secret, and then to exploit," he said.

The other scenario, which is likely far easier to carry out, is to find flaws in the lattice of IT systems that make up a modern airline system, including bookings, payment systems, flight management, etc.

"Gaining the ability to stop airlines from ensuring planes are safe, from ensuring that all safety procedures have been followed for all staff and crew, for one or more major airlines could potentially stop, disrupt air travel for hours, days, or even weeks. While this may result in no human casualties, the damage to the global economy could be catastrophic," says Meissler.

When asked about what specific issues he’d like to be brought to attention? Meissler explained that, as with any critical infrastructure, "the risk is that someone may be able to cause human loss of life or cause damage to perception of the safety and security of key public activities."

With air travel, he added, the application of these principles is clear, since humans are almost always involved and so much of the global economy is based on the belief that air travel is safe.

 

Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.