April 12, 2013
The Hack in the Box (#HITB2013AMS) security conference in Amsterdam has a very interesting lineup of talks [pdf]. One that jumped out was the Aircraft Hacking: Practical Aero Series presented by Hugo Teso, a security consultant at n.runs in Germany. According to the abstract, “This presentation will be a practical demonstration on how to remotely attack and take full control of an aircraft, exposing some of the results of my three years research on the aviation security field. The attack performed will follow the classical methodology, divided in discovery, information gathering, exploitation and post-exploitation phases. The complete attack will be accomplished remotely, without needing physical access to the target aircraft at any time, and a testing laboratory will be used to attack virtual airplanes systems.
While keeping an eye on Twitter #HITB2013AMS, greatly interesting tweets started to appear as hackers who attended were excited. I will add some of those throughout this article.
Before his presentation, Teso recommended that people should have a littlebackground knowledge on aviation and aircraft systemsto better understand what he was going to explain. Here’s a few important facts: Automated Dependent Surveillance-Broadcast (ADS-B) has no security as was pointed out at Def Con 20 shortly before a hacker was able to inject ghost planes into radar. It is unencrypted and unauthenticated. Teso said, “Attacks range from passive attacks (eavesdropping) to active attacks (message jamming, replaying, injection.” The Aircraft Communications Addressing and Reporting System (ACARS) also has no security; it “is used for exchanging text messages between aircraft and ground stations via radio (VHF) or satellite.” Although his talk did not focus on the vulnerabilities in those two protocols, he used them to find targets.
This article was posted: Friday, April 12, 2013 at 4:56 am