Wi-Fi on Planes is Vulnerable to Inflight Hacking

Uploaded on 2015-04-22 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

United-IFE-Infographic-e1385522458457-548x300.jpg

Hackers on commercial flights could now bring down the plane they are on by using the on board Wi-Fi, a US government watchdog has warned.
The US Government Accountability Office (GAO) does not suggest it would be easy to do but it points out that as airlines and the Federal Aviation Administration attempt to modernise planes and flight tracking with Internet-based technology, attackers have a new vulnerability they could exploit.
The report highlights the fact that cockpit electronics are indirectly connected to the passenger cabin through shared IP networks. The connection between passenger-accessible systems and the avionics of the plane is heavily moderated by firewalls, but information security experts have pointed out that firewalls, like all software, can never be assumed to be totally infallible.
 “According to cybersecurity experts we interviewed, internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors,” the report adds.
The report praises the FAA for the steps it has taken to get its cybersecurity policies in order, but says that “opportunity exists for further action”, and particularly highlights as a cause for concern the fact that cybersecurity responsibility is split over multiple FAA offices.
A worst case scenario is that a terrorist with a laptop would sit among the passengers and take control of the airplane using its passenger Wi-Fi, said Rep. Peter DeFazio, an Oregon Democrat on the House Transportation and Infrastructure Committee who requested the investigation.
Guardian: http://bit.ly/1zg0G3P

« Cloud-based Business Intelligence Goes Mainstream
Planes Without Pilots »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

Cybonet

Cybonet

Cybonet provides easy to deploy, flexible and scalable security solutions that empower organizations of all sizes to actively safeguard their networks in the face of today’s evolving threats.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Digital Innovation Hub Slovenia (DIH)

Digital Innovation Hub Slovenia (DIH)

DIH Slovenia is a central hub providing services to grow digital competencies in areas including robotics, IoT, cyberphysical systems and cybersecurity.

BigWeb Technologies

BigWeb Technologies

BigWeb Technologies is dedicated to provide its clients with ICT related services including Infrastructure Solutions, Consultancy and Security.

Red Piranha

Red Piranha

Red Piranha's Crystal Eye Unified Threat Management Platform is designed for Managed Service Providers and corporations that need extreme security that is both easy to use and affordable.

Charterhouse Voice & Data

Charterhouse Voice & Data

Charterhouse is your trusted technology partner - designing, provisioning and supporting the technology that underpins your operations including network security and data compliance.

Regulativ.ai

Regulativ.ai

Regulativ.ai is an innovative and comprehensive platform, driven by AI, to address the regulatory and compliance needs of Cyber Security Regulatory compliance and reporting.

SpiderOak

SpiderOak

SpiderOak's portfolio of Secure Communication & Collaboration products ensure the confidentiality, integrity, and availability of your most sensitive data in any environment.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Whitaker Brothers

Whitaker Brothers

Whitaker Brothers data destruction equipment can be found in 115 countries and every single continent in the world, from major military organizations to small offices.

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

Strobes Security

Strobes Security

Strobes is among the world’s first cybersecurity platforms specifically designed for end-to-end continuous threat exposure management.

Cyber Advisors

Cyber Advisors

Cyber Advisors offers customizable cyber security solutions and IT services for businesses of all sizes across the nation from experts you can trust.

System Two Security

System Two Security

System Two Security automates detection engineering and threat hunting.

DevSecFlow

DevSecFlow

DevSecFlow is at the forefront of enterprise-grade cybersecurity solutions, specializing in secure product and software development.