Flight App Vulnerability Could Enable Skyjacking

Uploaded on 2024-02-14 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Modern aircraft have sometimes been called computers with wings, and as far back as 1994, long before hacking became high on society’s list of everyday concerns.

Today, the avionics equipment that runs many aircraft is considered  resistant to hacking, although not bulletproof. However, the inflight Internet access systems that connect passengers to the web are as vulnerable as any ground-based network to hackers.

Now, new concerns are being raised over aviation security as a critical problem with the potential to enable inflight hacking. 

Cyber security researchers at Pen Test Partners report that that Flysmart+, which is an iOS app for pilots to calculate aircraft takeoff performance, weight, and balance, developed by the Airbus subsidiary Navblue, that it is significantly vulnerable to practical attacks that could result in a cyber attack on departure. 

According to Cybernews, the Flysmart+ app had a security feature called App Transport Security (ATS) intentionally disabled. The feature enforces secure connections, and having it and any form of certificate validation disabled exposed the app to interception attacks over Wi-Fi. 

The ATS feature forces an app to use the HTTPS communication protocol, and when it is disabled, the app communicates with servers using insecure methods without encryption. This weakness can be used by attackers to intercept and decrypt potentially sensitive information in transit. This issue, though now fixed, could “enable tampering with, for example, the engine performance calculations, potentially resulting in a tailstrike or runway excursion on departure,” Pen Test Partners said. 

The researchers further demonstrated that a middleman could access data downloaded from Navblue servers, including SQLite databases containing information on specific aircraft, as well as take-off performance data. 
The researchers gave the example that with that control disabled, an attacker could potentially modify aircraft performance data or adjust airport information, like the length of the runway. 

Furthermore, since the app is constantly updated with aeronautical information (like procedures, how to safely depart from an airport, standard arrival routes, runway and taxiway information changes), attackers could target the Wi-Fi at a hotel where pilots typically stay and modify aircraft performance data.

After the vulnerability was disclosed in June 2022, Airbus released a public disclosure 19 months after the initial discovery. Nevertheless, the researchers mention that such changes could take a long time to fix.

Hackers have previously claimed to have been able to access the cockpit network through communication with the in-flight network. Many in-flight entertainment systems now have USB ports and some airlines run Wi-Fi. Both are potential entry points for the determined hacker to access all the plane’s computer systems.

Pen Test Partners:     Cybernews:    The Conversation:      Smithsonian:     I-HLS:    CSO Online:     

Aviation Stackexchange:      ZDNet:     Image: Kristopher Allison

You Might Also Read:

Ransomware Trends In The Aviation & Maritime Industries:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Prioritising Data Privacy & Security
Build an Effective Endpoint Detection and Response Strategy »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

JumpCloud

JumpCloud

JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business’s employees and the systems and IT resources they need.

Lakeside Software

Lakeside Software

Lakeside Software is how organizations with large, complex IT environments can finally get visibility across their entire digital estates and see how to do more with less.

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium was created to encourage use-inspired research, training and technology awareness in cybersecurity.

Coursera

Coursera

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online. Subject areas include Computer Security & Networks.

Digital Law

Digital Law

Digital Law is the only UK law firm to specialise solely in online, data and cyber law.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Cybriant

Cybriant

Cybriant Strategic Security Services provide a framework for architecting, constructing, and maintaining a secure business with policy and performance alignment.

Stratum Security

Stratum Security

Stratum Security is an information security consulting company that focuses on providing clear and concise risk guidance to its clients through high quality assessment services.

Urbane Security

Urbane Security

Urbane Security is a premier information security consultancy empowering the Fortune 500, small and medium enterprise, and high-tech startups.

KT Secure

KT Secure

KTSecure’s mission is to provide proven and productive cyber security solutions and managed services, backed by our highly qualified and passionate team of experts.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

Nudge Security

Nudge Security

Nudge Security offer the world's first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location and nudges employees towards optimal security behavior.

Single Point of Contact

Single Point of Contact

Single Point of Contact is a Managed IT Services provider that helps businesses to achieve a seamless and secure IT environment.

ASMGi

ASMGi

ASMGi is a managed services, security and GRC solutions, and software development provider.

CESAR

CESAR

CESAR is one of the premier R+D and innovation centers in Brazil and a designated Cybersecurity Competence Center.

Hicomply

Hicomply

Hicomply simplifies compliance management with smart, user-friendly tools, helping you scale your processes and stay in control - no matter how complex.