TECH TALK


Can Someone Really Hack an Aircraft SatCom via an In-Flight Entertainment System?

By John Pawlicki

By the time this article is published, most of the aviation world will have read about the statements of cyber security researcher Ruben Santamarta, who claims that he has figured out how to hack the satellite communications equipment on passenger jets through their Wi-Fi and inflight entertainment systems — a claim that, if confirmed, could (and should) prompt a review of aircraft security. This claim was presented at the Black Hat annual hacker conference in Las Vegas in August, and a white paper was actually published earlier by this researcher’s firm, IOActive.


WHAT CLAIM IS BEING MADE?

Many of Santamarta’s claims have been rebuked by the satellite communication vendors whose products he identified in his report (which can be found at https://www.blackhat.com/docs/us-14/materials/us-14-Santamarta-SATCOM-Terminals-Hacking-By-Air-Sea-And-Land-WP.pdf). This includes avionics from many of the largest vendors of communications equipment, such as Cobham Plc, Harris Corp, EchoStar Corp’s Hughes Network Systems, Iridium Communications Inc. and Japan Radio Co. Ltd. He claims to have uncovered vulnerabilities by reverse engineering firmware from these products using publicly available data, manuals, etc. These vulnerabilities would allow a hacker to use a plane’s onboard Wi-Fi signal or inflight entertainment system to potentially disrupt satellite communications, which could interfere with other aircraft’s systems that depend upon SatCom.

One particular vulnerability that Santamarta found in equipment made by all five manufacturers he identifies is the use of hardcoded logon credentials, which allows multiple persons to access a plane’s communications system using a single username and password. By reverse engineering the equipment’s firmware, hackers can obtain login credentials and penetrate each system using these credentials. The vendors who publicly responded (in other articles) noted that an attacker would need physical access to such equipment to make use of this particular vulnerability. This is true, but it is still a bit disconcerting that such devices apparently only have one set of logon credentials for


10 2014 48


all users of their products on a global basis. (This is a guess based upon what was presented — hopefully this is wrong.) To summarize the other key findings, the main issues are the use of undocumented and/or insecure protocols (those that pose a security risk), weak password reset capabilities (mechanisms that allow resetting others’ passwords), and the use of backdoors (mechanisms used to access undocumented features or interfaces not intended for end users). Each of these should have been caught in a security assessment test prior to the product(s) reaching market.

He has simulated such attacks/access in a laboratory environment, but not in an operational situation.

After documenting these and other findings, IOActive apparently approached the U.S. government CERT Coordination Center and the vulnerable vendors identified to help remediate all security findings uncovered in the lab testing phase of IOActive research. In fact, IOActive provided them several months to enact changes prior to publishing its findings, in order to mitigate the risks to the industry. Other articles quote a number of these named vendors dismissing some of the claims, or their severity, but also providing some acknowledgement. In fact, an actual operational environment differs greatly from the virtual lab environment, so Santamarta’s findings, while interesting, are not exactly as severe as they first seem, while other issues may not be possible to duplicate in an operational situation in an aircraft.


WHAT DOES THIS MEAN TO THE AVIATION INDUSTRY?

Anyone who understands how modern avionics systems are designed, integrated, managed and supported will be able to find significant issues with this researcher’s approach and findings. There are many, to be sure — but there are also red flags that should not be ignored. Let’s concentrate on those.

We have reached a point where new eEnabled aircraft have begun entering service, where iPads and other off-the-shelf consumer-industry devices are taking over cockpits/cabins/maintenance bays, and where wireless communications are replacing hard-wired communication capabilities. We are also preparing for NextGen, and its GPS-enabled, ADS-B-augmented, data-driven operations


DOMmagazine

