Apr 17, 2015

    Aircraft may be hacked through in-flight entertainment systems


    HACKERS could exploit in-flight entertainment systems to fatally sabotage the cockpit electronics of a new generation of airliners connected to the Internet, a United States government report warns.

    It comes weeks after the co-pilot of a Germanwings A320 crashed the aircraft into the French Alps, killing all 150 on board, prompting talk of airliners being 100 per cent automated one day.

    In-flight cyber security is "an increasingly important issue" that the Federal Aviation Administration (FAA) is just starting to address in earnest, says the audit and investigative arm of the US Congress.

    "Modern communications technologies, including IP connectivity, are increasingly used in aircraft systems, creating the possibility that unauthorised individuals might access and compromise aircraft avionics systems," the Government Accountability Office (GAO) report says.

    In the past, the electronics used to control and navigate aircraft - known as avionics - have functioned autonomously, says the GAO.

    "However, according to FAA and experts we spoke to, IP networking may allow an attacker to gain remote access to avionics systems and compromise them," the GAO says.

    In theory, firewalls ought to protect avionics from intrusion by cabin-system users, such as passengers who use in-flight entertainment systems.

    But four cyber-security experts told the GAO that firewalls, being software components, can be hacked and circumvented "like any other software".

    The FAA has yet to develop regulations to make "cyber-security assurance" for avionics part of its process for certifying new aircraft.

    FAA officials told the GAO, however, that cyber security is an increasingly important concern and that it is shifting its certification focus to address it.