Warning For Pilots To Counter Airborne Hacking

As the military helicopter lifts off the ground and heads skyward, the numbers on the altimeter suddenly stop ticking upward. The rumble of the helicopter’s engines fades and the chopper starts losing altitude. A second later, a dire warning flashes in red on a cockpit screen: “Cyber Anomaly.”

The helicopter is under attack, but not from missiles or guns. Seconds later, it smashes into the ground. But this pilot is not in a real helicopter, just a small simulator set up in a conference room of a high-rise office building in Virginia.

The pilot is in fact part of a Raytheon team that is building a new warning system it calls CADS (Cyber Anomaly Detection System) that tells pilots when their planes are being hacked, something the US military expects to happen in the battles of the future.

Speaking to DefenseOne, a  Raytheon spokesman said,  “Basically, we’re trying to give the pilot the information about what’s happening internally on his aircraft in real time.... we’re telling him what’s going on and allowing him to make decisions about what he needs to do to correct the problems.”

Inside most aircraft, important electronics are plugged into a serial data bus. The bus used in many U.S. military planes was developed in the 1970s and “still have not been updated for security,” according to Raytheon.

“You GPS talks on it, your fuel valve switches are on it, your autopilot is on it and other avionics systems all communicate over this bus,” Fry said. “What we found is as technology has increased and more and more [commercial] products are put in aircraft, there’s more of an attack surface for cyber threats to go onto the platform.”

Raytheon began developing this Cyber Anomaly Detection System three years ago after receiving “customer feedback” about “vulnerabilities in aviation platforms,” Raytheon is funding the project itself won’t say if the systems is deployed on U.S. military aircraft.

Pentagon officials have increasingly been talking about weapon cyber vulnerabilities and the need for companies “harden” their products. Hackers can get into military and commercial aircraft, vehicles, and even missiles and bombs by infecting them with malware, by plugging an infected cell phone into one of the aircraft’s USB ports, or even wirelessly. 

In the simulation the the helicopterwas injected with malicious code wirelessly from a tablet. The code caused the helicopter’s engines to shut down. While the pilot was able to disable the helicopter’s wireless receiver before hitting the ground, he was not able to stop its fall.

Raytheon says the technology could be used to detect cyber intrusions on drones, vehicles or even missiles and although its product can currently only detect attacks, new versions may be able to fight them off and repair the damage.

“In the future we’re looking more in that direction, but right now we’re starting with a passive system, so we won’t interfere with the bus......We’re just going to leave the human in the loop and leave the pilot in control and make him aware of his surroundings so that he can take the actions.” Raytheon's spokesman said.

Raytheon:           DefenseOne:       

You Might Also Read:

Aircraft Can Be Successfully Hacked In-Flight:

 

« Using Blockchain Against Counterfeit & Forgery
Serious Cyber Attacks In Singapore Reflect Poor Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Chatham House Cyber Conference

Chatham House Cyber Conference

14 June 2023 - Connect with cyber security experts and senior policymakers to explore the role of cyber security in the global economy and how to deliver an open and secure internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Bob's Business

Bob's Business

Bob's Business adopts a fresh approach to information security awareness and compliance training, delivering key information through the use of short animated movies.

Zenith Infotech

Zenith Infotech

Zenith Infotech provide IT consulting and turnkey solution development services including aspects of security.

Prewen

Prewen

Prewen provide solutions to protect sensitive data across the organisation.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

FarrPoint

FarrPoint

FarrPoint is a specialist telecoms consultancy providing a range of services including cyber security assessments and technical assurance to safeguard your data.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

Kryptus

Kryptus

Kryptus provides a wide array of solutions for hardware, firmware and software ranging from semiconductors to complex digital certificate management systems.

ICS Defender

ICS Defender

ICS Defender provides a platform for promoting SCADA security knowledge along with associated services for the security of industrial control systems.

Seekurity

Seekurity

Seekurity is an information security consulting firm specialized in all areas of Cyber Security including Penetration Testing, Vulnerability Assessments and Risk Management.

Get Safe Online

Get Safe Online

Get Safe Online is a leading source of unbiased, factual and easy-to-understand information on online safety.

Vector Informatik

Vector Informatik

Vector Informatik is a specialist in automotove electronics and provides services, embedded software and tools for securing embedded systems against cyber-attacks.

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions is a leader in the design, manufacture, testing, and support of hardware and software solutions for the embedded computing market.

PCS Security (PCSS)

PCS Security (PCSS)

PCS Security provides secure, reliable and state-of-the-art security solutions to help our customers address their security concerns.

Rausch Advisory Services

Rausch Advisory Services

Rausch delivers solutions that address compliance, enterprise risk, information technology and human resource capital.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

Digital Catapult

Digital Catapult

Digital Catapult is the UK authority on advanced digital technology. We bring out the best in business by accelerating new possibilities with advanced digital technologies.