|
|
Hijacking airplanes with an Android phone - TechAmok
Hijacking airplanes with an Android phone - [security]
07:30 AM EDT - Apr,11 2013 - post a comment An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android app has galvanized the crowd attending the Hack In The Box Conference in Amsterdam today.
Teso, who has been working in IT for the last eleven years and has been a trained commercial pilot for a year longer than that, has combined his two interests in order to bring to light the sorry state of security of aviation computer systems and communication protocols.
By taking advantage of two new technologies for the discovery, information gathering and exploitation phases of the attack, and by creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the airplanes' Flight Management Systems (computer unit + control display unit), he demonstrated the terrifying ability to take complete control of aircrafts by making virtual planes "dance to his tune."
One of the two technologies he abused is the Automatic Dependent Surveillance-Broadcast, which sends information about each aircraft (identification, current position, altitude, and so on) through an on-board transmitter to air traffic controllers, and allows aircrafts equipped with the technology to receive flight, traffic and weather information about other aircrafts currently in the air in their vicinity.
The other one is the Aircraft Communications Addressing and Reporting System, which is used to exchange messages between aircrafts and air traffic controllers via radio or satellite, as well as to automatically deliver information about each flight phase to the latter.
Both of these technologies are massively insecure and are susceptible to a number of passive and active attacks. Teso misused the ADS-B to select targets, and the ACARS to gather information about the onboard computer as well as to exploit its vulnerabilities by delivering spoofed malicious messages that affect the "behavior" of the plane.
Here are some of the functions Teso showed to the HITBSecConf Amsterdam audience:
Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane's course.
Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
Visit ground: Crash the airplane.
Kiss off: Remove itself from the system.
Be punckish: A theatric way of alerting the pilots that something is seriously wro
|
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Oct,21 2025 Retro Gaming PC Upgrades go WRONG! Oct,21 2025 How social media has ruined us – the more time you spend online, the Oct,20 2025 FERRARI 12 CILINDRI // 340KMH REVIEW on AUTOBAHN Oct,20 2025 ROG Xbox Ally X - a PC Gamer's Perspective Oct,20 2025 Race Highlights | 2025 United States Grand Prix Oct,18 2025 RedMagic Puts Liquid Cooling in its New Gaming Phone Oct,18 2025 Russia Says U.S. Is Planning a $37 Trillion Crypto Reset Oct,18 2025 Tor Browser says no to Firefox's AI features as it removes them Oct,14 2025 NVIDIA GeForce 581.57 WHQL Driver Oct,13 2025 Samsung One UI 8.5 vs iOS 26 - COMPARISON Oct,12 2025 Google Turned Down by Supreme Court, Must Open up App Payments Oct,10 2025 AMD releases new 25.10.1 preview graphics driver with Battlefield 6 Oct,10 2025 MERCY Official Trailer (2026) Chris Pratt Oct,07 2025 Galaxy S26 Ultra - Samsung, Please Don't Copy This Oct,06 2025 Canada's Las Vegas Sphere is here - and I game on it Oct,06 2025 Predator: Badlands - Official Final Trailer (2025) Oct,04 2025 Chasing a Gaming World Record Oct,02 2025 Frankenstein - Official Trailer (2025) Guillermo del Toro, Oscar Oct,02 2025 iPhone 17 Pro Max vs 16 Pro Max / Pixel 10 Pro XL / Galaxy S25 Ultra Sep,30 2025 iOS 26.0.1 is Out! - What's New? Sep,30 2025 NEW! 2026 Audi Q3 2.0 TFSI (265hp) vs. e-hybrid (272hp)| 0-100 km/h Sep,29 2025 Samsung One UI 8.5 Hands on - I Was Wrong Sep,28 2025 iPhone Air Teardown - What is 3D Printed Titanium? Sep,28 2025 Nvidia Wouldn't Send Me This $30,000 GPU - H200 Holy $H!T Sep,27 2025 The Astronaut - Official Trailer (2025) Kate Mara, Laurence Sep,25 2025 iPhone 17 Durability Test -- What Scratches are Permanent? Sep,23 2025 iPhone 17 Pro Max vs. Galaxy S25 Ultra Drop Test! Sep,21 2025 Race Highlights: A Swing In The Drivers' Title Fight? | 2025 Sep,21 2025 BYD Yangwang U9 Hits 496.22 KM/H - EV Supercar Speed Record Sep,21 2025 I'm FIRST to Unbox The World's Biggest TV Sep,21 2025 Samsung Begins Rollout of Android 16 to Rest of Lineup Sep,21 2025 iOS 26 Now Available, with Visual Intelligence Sep,21 2025 Apple's iPhone 17 Series is Nearly Hack-Proof Sep,21 2025 Qualifying Highlights - 2025 Azerbaijan Grand Prix Sep,20 2025 iPhone 17 Pro vs Samsung S25 Ultra Camera Comparison! Sep,20 2025 iPhone Air Durability test -- I AM SHOCKED Sep,15 2025 Microsoft warns Office 2016/2019 users to switch to the cloud as Sep,15 2025 Get Windows 11 25H2 Right Now Sep,14 2025 iPhone 17 Pro VS iPhone 16 Pro VS iPhone 15 Pro VS iPhone 14 Pro Sep,11 2025 What's the AMD Alternative to an RTX 5070?
>> News Archive <<
| |
|
