Wi-Fi on Planes is Vulnerable to Inflight Hacking

Uploaded on 2015-04-22 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

United-IFE-Infographic-e1385522458457-548x300.jpg

Hackers on commercial flights could now bring down the plane they are on by using the on board Wi-Fi, a US government watchdog has warned.
The US Government Accountability Office (GAO) does not suggest it would be easy to do but it points out that as airlines and the Federal Aviation Administration attempt to modernise planes and flight tracking with Internet-based technology, attackers have a new vulnerability they could exploit.
The report highlights the fact that cockpit electronics are indirectly connected to the passenger cabin through shared IP networks. The connection between passenger-accessible systems and the avionics of the plane is heavily moderated by firewalls, but information security experts have pointed out that firewalls, like all software, can never be assumed to be totally infallible.
 “According to cybersecurity experts we interviewed, internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors,” the report adds.
The report praises the FAA for the steps it has taken to get its cybersecurity policies in order, but says that “opportunity exists for further action”, and particularly highlights as a cause for concern the fact that cybersecurity responsibility is split over multiple FAA offices.
A worst case scenario is that a terrorist with a laptop would sit among the passengers and take control of the airplane using its passenger Wi-Fi, said Rep. Peter DeFazio, an Oregon Democrat on the House Transportation and Infrastructure Committee who requested the investigation.
Guardian: http://bit.ly/1zg0G3P

« Cloud-based Business Intelligence Goes Mainstream
Planes Without Pilots »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

PubNub

PubNub

PubNub enables developers to build secure realtime Mobile, Web, and IoT Apps.

CGI Group

CGI Group

CGI is a leading IT and business process services provider. Services include IT consulting, Systems Integration, Application Development, Infrastructure, Business Processes, Digital IP.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

Cyber Akademie (CAk)

Cyber Akademie (CAk)

Cyber Akademie is a training and education center providing high-quality training and information events on information security and data protection.

GraVoc

GraVoc

GraVoc is a technology-consulting firm committed to solving business problems for customers through the development, implementation, & support of technology-based solutions.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

Vaadata

Vaadata

Vaadata are experts in ethical hacking. We secure your web, mobile and IoT platforms.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

FPT Software

FPT Software

As a leading technology service provider, FPT assists customers of all sizes and from any industries in implementing and adapting digital technologies including cybersecurity.

Department of Homeland Security (DHS) - USA

Department of Homeland Security (DHS) - USA

The Department of Homeland Security has a vital mission: to secure the nation from the many threats we face. Our duties are wide-ranging, but our goal is clear - keeping America safe.

Strategic Security Solutions (S3)

Strategic Security Solutions (S3)

S3 is a leading provider of Cybersecurity consulting services for Identity and Access Governance (IAG), Zero Trust, and Enterprise Risk and Compliance.

InQuest

InQuest

InQuest specialize in providing comprehensive network-based security solutions that empower organizations to protect their most critical assets: their people.

Liquid C2

Liquid C2

Liquid C2 offers leading solutions to streamline workplace operations, secure cloud storage, rapid data recovery, and scale growth.

EyBrids

EyBrids

As a forward-thinking cybersecurity consulting firm, we believe that robust security is the foundation for innovation and growth in today’s digital landscape.

SKADI Cyber Defense

SKADI Cyber Defense

At SKADI Cyber Defense, we specialize in enterprise-grade cybersecurity solutions tailored for small to medium businesses.

Unosecur

Unosecur

Unosecur is a comprehensive identity security platform that addresses identity-related threats in multi-cloud and on-premise environments.