Earlier we reported on a story about the potential vulnerability of airplanes to in-flight hacks. Well, another presenter at def-con would like to ease some of your worries about flight safety.
Phil Polstra assured an audience at this year’s DefCon that it is impossible to highjack a plane through its computing technology. Polstra, an associate professor at Bloomsburg University in the Department of Digital Forensics, stated this past week in Las Vegas, “One thing everyone needs to understand, you cannot override the pilot. You cannot override the pilot’s inputs in flight control. That system is closed.” This is because all aircraft contain mechanical backup instruments that cannot be hacked.
He also highlighted that the avionics network on commercial planes are not connected to anything that would make the flight path vulnerable. The ARINC 664, the most popular system used by airliners, is built on Ethernet but is not wireless nor connected to in-flight entertainment or wi-fi. If someone were to access the auto-pilot program, an alert would signal the pilot to disconnect it. In short, flights are very safe.
There are some weak points in the aviation system, however. Currently almost none of the protocols are encrypted says Polstra. That could lead to interference with air traffic control or smaller aircraft. Also, the communication system between the craft and ground control has the potential to be compromised. Once in the system, a hacker could send false reports of weather patterns or other delays that may re-route the plane. However, Polstra noted, there are several contingency plans in case of suspicious reports from ground stations. Pilots are trained to contact operators directly if they are unsure of messages coming in or to simply ignore them, thereby mitigating any potential threats. Polestra believes those kinds of attacks are impractical and therefore unlikely.