FBI claims security researcher took control of a plane mid-flight through its entertainment system

By Jos
May 18, 2015
Post New Reply
  1. fbi united airlines flight security hacking hackfbi united airlines flight security hacking hack

    Security researcher Chris Roberts got into quite a bit of trouble last month after seemingly Tweeting a joke about being able to hack into a plane’s electronic control systems mid-flight. "Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ?  Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)," the now infamous tweet read. When the plane landed, Roberts was questioned by FBI agents, who seized his laptop and other electronics.

    Apparently Roberts had met with the FBI before to disclose vulnerabilities within the In Flight Entertainment (IFE) systems, which he reportedly accessed 15 to 20 times from 2011 to 2014 through the Seat Electronic Box (SEB) located under seats containing video monitors using modified Ethernet cable. From there he is able to log into the IFE system using default admin usernames and passwords.

    He says he never connected his laptop to any SEBs on this particular flight, though FBI agents claim the units under the seats where Roberts had been sitting showed signs of tampering. He has yet to be charged with a crime but the FBI’s ongoing investigation suggests he was able to gain control of other systems beyond in-flight entertainment on the airplane network. 

    According to the affidavit for the search warrant application, Roberts told investigators he overwrote code on the airplane's Thrust Management Computer while aboard a flight and successfully commanded the system he had accessed to issue the 'CLB' or climb command. This supposedly caused one of the airplane engines to climb resulting in a sideways movement of the plane.

    Roberts has since refuted these claims saying they’re out of context and that the FBI basically condensed a lot of discussions, meetings and notes into a single paragraph. He passed on the opportunity to set the record straight, however.

    Other in the security industry have expressed skepticism over Roberts’ and the FBI’s claims in the search warrant, noting that entertainment systems are "isolated from flight and navigation systems”, that it is very unlikely he got physical access to the SEB in several flights without other passengers alerting the flight crew, and that even if he did interfere with flight controls, pilots should have noticed it and an investigation would have ensued.

    Just last week United Airlines launched a a bug bounty program that offers people free airline miles in exchange for information about security vulnerabilities. Curiously, the offer is limited to their website and apps, not bugs on onboard Wi-Fi, entertainment systems or avionics.

    Permalink to story.

  2. VitalyT

    VitalyT Russ-Puss Posts: 3,114   +1,379

    Here's the controversy of our time...

    It is the lawful right for anyone to be stupid, since there is no law that states a person isn't allowed to be stupid. And how does it go along with the famous Ignorantia juris non excusat?

    If nobody in the entire airline has the intelligence for providing some basic security, how does it make this guy's fault that the plane's security is exposed like this? Shouldn't the FBI go after the airline's license instead for being so ignorant towards security?
    treetops and Darth Shiv like this.
  3. Nitrotoxin

    Nitrotoxin TS Booster Posts: 102   +56

    I read the method by which the "researcher" says he performed the hack. I think he is delusional as the IFE systems are not physically attached to "any" systems on the airplane. They are "all" on a "non-critical" networks and are not by FAA part 25 rules to be physically connected to any critical systems. Without a physical connection, even attaching to the set box will do nothing but enable one to hack the content servers. These are not connected to the airplane systems. They do receive one-way signals from the Central Management Computer (CMC) to turn on or off under certain circumstances, but the CMC cannot "receive" any communication from the IFE system. The IFE system has to be so benign that the CMC does not know it exists. It is against FAA part-25 rules. If Boeing breaks the rules they lose their PC-700 government approval to build airplanes. This would not happen unless it was changed by an airline who did not follow proper procedures. Anyone who touches an airplane for modification, has to file a Supplemental Type Certificate(STC) that follows the FAA part-25 rules. There can be no “escapement” from the documentation of parts, software design, avionics design, etc. The consequences are too great. An airline would be subject to 3rd party liability if anything happened. If the hacked airplane had crashed, and the STC work revealed an undocumented change, the airline would lose their license to operate, and the insurance companies would have to pay billions.

    This so called "Hacker" is all talk, he's just trying to get attention, this whole story is all made up by him.
  4. Nitrotoxin

    Nitrotoxin TS Booster Posts: 102   +56

    I would like to see the source for the official FBI comments for this article... I call bullshit!
    Hasbean likes this.
  5. MilwaukeeMike

    MilwaukeeMike TS Evangelist Posts: 2,729   +1,093

    Agreed... WIRED had an article a couple months ago about the state of the flight systems on airlines. They're old, like really, really old. Without knowing anything else about them, I'd guess the in-flight entertainment system could talk to the flight systems as well as your iPhone could tell your Betamax to rewind a video tape.
    Fear makes for great news though,...
  6. Kibaruk

    Kibaruk TechSpot Paladin Posts: 2,428   +472

    I had a hard time reading the article and putting everything together, was it just me? (Might be that english is not my native language, but still took me a couple of reads before understanding it straight).
  7. Skewed Input

    Skewed Input TS Rookie Posts: 31   +9

    From there he is able to log into the IFE system using default admin usernames and passwords.

    ^^^Well there's your first problem. Anyone who would ever consider themselves in the "IT Field" should NEVER leave ANY device using those credentials. It's literally one of the first things I change when configuring a device.
  8. davislane1

    davislane1 TS Evangelist Posts: 3,379   +2,167

    Psychologically unstable pilots and Islamic terrorists are threats to aircraft and their passengers. A hacker with a chip on his shoulder is an annoyance.
    cliffordcooley likes this.
  9. treetops

    treetops TS Evangelist Posts: 1,937   +157

    "From there he is able to log into the IFE system using default admin usernames and passwords."
  10. Kibaruk

    Kibaruk TechSpot Paladin Posts: 2,428   +472

    Please do tell me more on how many of those have taken down commercial aircrafts in the last couple decades
    Hasbean likes this.
  11. davislane1

    davislane1 TS Evangelist Posts: 3,379   +2,167

    Disgruntled pilots who have crashed commercial aircraft into mountains or other terrain: 5
    Islamic terrorists who have highjacked and/or downed commercial aircraft (by instance): 13+
    Number of aircraft crashed and/or highjacked by nefarious hackers: 0

    It doesn't take a statistician to look at the numbers and conclude that depression and Islamic terrorism are demonstrably greater threats to airline passengers globally than any hacker.
    RebelFlag likes this.
  12. Tanstar

    Tanstar TS Guru Posts: 394   +81

    A psychologically unstable pilot nosedived a plane in Europe THIS year and 9/11 was NOT over two decades ago.
  13. Kibaruk

    Kibaruk TechSpot Paladin Posts: 2,428   +472

    My point being... this happened once, and according to Davislane 5 times over the last 20 years and everyone is making such a huge deal out of it. Of course it's terrible but... you get it.
  14. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,430   +2,822

    How many hackers does it take to make a terrorist? Wait a minute you mean there is actually a difference? Simply because a hacker chooses to do other terrorist activities, than taking over airliners.
  15. RebelFlag

    RebelFlag TS Addict Posts: 134   +66

    Terrorist -n- the use of violence and threats to intimidate or coerce, especially for political purposes.
    Hacker -n- a person who uses computers to gain unauthorized access to data

    There is a huge difference between a hacker and a terrorist. Hackers normally not being into murder, and civil unrest for the most part. Most hackers are motivated by money, even when they try and pretend they are motivated by ideals. Most terrorists are motivated solely by their ideals.
  16. davislane1

    davislane1 TS Evangelist Posts: 3,379   +2,167

    Depends. If training accidents persist at terror camps, it could take quite a few.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...