U.S. government documents warn that it is only “a matter of time” until a commercial airliner is hacked.
A 2017 risk summary and report prepared for the Aviation Cyber Initiative Research and Development (ACI R&D) program concludes “early testing indicates that viable attack vectors exist that could impact flight operations.”
The summary also raises concern over the possibility that the airline industry could choose to ignore any findings over fears of negative impact.
“Due to the nature of this testing, any potential vulnerabilities discovered could have wide-ranging and significant economic impact to industry stakeholders to the aviation transportation community,” the summary states. “There is risk in that if industry chooses not to recognize the importance or validity of the testing they could move to suppress or invalidate the test results that could render the program ineffective.”
A 2018 presentation from the Pacific Northwest National Laboratory (PNNL), a Department of Energy (DOE) research group aiding the DHS project, states that a “cyber security breach on an airline” could occur at any time.
“Potential of catastrophic disaster is inherently greater in an airborne vehicle,” the presentation says.
The DHS project, which began in 2016, made headlines last year after a group of government, industry and academic officials successfully hacked a Boeing 757 parked on a tarmac.
“We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration,” Robert Hickey, aviation program manager for the Cyber Security Division of the DHS Science and Technology (S&T) Directorate, told Avionics.
While details of the hack are classified, Hickey says the team was able to access the aircraft’s systems through radio frequency (RF) communications.
“I didn’t have anybody touching the airplane, I didn’t have an insider threat,” Hickey said. “I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.”
According to Cox, the documents suggest the DHS and its team may have already carried out another test in an attempt to uncover more vulnerabilities.
“Listed in a 2016 DHS presentation are several planned tests, including ‘external RF,’ seemingly referring to the previously reported test,” Cox writes. “The document then mentions another test, this time focused on Wi-Fi and in-flight entertainment systems, and designated to the PNNL researchers.”
The PNNL presentation also mentions an attempted hack against an aircraft’s “Wi-Fi internet & information distribution system,” but includes conflicting information on the test’s success.
Although risks exist, John Hultquist, director of intelligence analysis at cybersecurity firm FireEye, told Cox that the likelihood of such an attack still remains rare.
“We have no information suggesting there has been any attempt by nation state actors to hijack or manipulate airplanes,”Hultquist said. “Even if such a thing were possible, the repercussions from such an operation would probably dissuade the most sophisticated nation states.”