Flight App Vulnerability Could Enable Skyjacking

Modern aircraft have sometimes been called computers with wings, and as far back as 1994, long before hacking became high on society’s list of everyday concerns.

Today, the avionics equipment that runs many aircraft is considered  resistant to hacking, although not bulletproof. However, the inflight Internet access systems that connect passengers to the web are as vulnerable as any ground-based network to hackers.

Now, new concerns are being raised over aviation security as a critical problem with the potential to enable inflight hacking. 

Cyber security researchers at Pen Test Partners report that that Flysmart+, which is an iOS app for pilots to calculate aircraft takeoff performance, weight, and balance, developed by the Airbus subsidiary Navblue, that it is significantly vulnerable to practical attacks that could result in a cyber attack on departure. 

According to Cybernews, the Flysmart+ app had a security feature called App Transport Security (ATS) intentionally disabled. The feature enforces secure connections, and having it and any form of certificate validation disabled exposed the app to interception attacks over Wi-Fi. 

The ATS feature forces an app to use the HTTPS communication protocol, and when it is disabled, the app communicates with servers using insecure methods without encryption. This weakness can be used by attackers to intercept and decrypt potentially sensitive information in transit. This issue, though now fixed, could “enable tampering with, for example, the engine performance calculations, potentially resulting in a tailstrike or runway excursion on departure,” Pen Test Partners said. 

The researchers further demonstrated that a middleman could access data downloaded from Navblue servers, including SQLite databases containing information on specific aircraft, as well as take-off performance data. 
The researchers gave the example that with that control disabled, an attacker could potentially modify aircraft performance data or adjust airport information, like the length of the runway. 

Furthermore, since the app is constantly updated with aeronautical information (like procedures, how to safely depart from an airport, standard arrival routes, runway and taxiway information changes), attackers could target the Wi-Fi at a hotel where pilots typically stay and modify aircraft performance data.

After the vulnerability was disclosed in June 2022, Airbus released a public disclosure 19 months after the initial discovery. Nevertheless, the researchers mention that such changes could take a long time to fix.

Hackers have previously claimed to have been able to access the cockpit network through communication with the in-flight network. Many in-flight entertainment systems now have USB ports and some airlines run Wi-Fi. Both are potential entry points for the determined hacker to access all the plane’s computer systems.

Pen Test Partners:     Cybernews:    The Conversation:      Smithsonian:     I-HLS:    CSO Online:     

Aviation Stackexchange:      ZDNet:     Image: Kristopher Allison

You Might Also Read:

Ransomware Trends In The Aviation & Maritime Industries:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Prioritising Data Privacy & Security
Build an Effective Endpoint Detection and Response Strategy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TechInsurance

TechInsurance

TechInsurance is America's top technology insurance company offering a range of technology related products including Cyber Liability insurance.

iLand

iLand

iland is a global cloud service provider of secure and compliant hosting for infrastructure (IaaS), disaster recovery (DRaaS), and backup as a service (BaaS).

Internet Storm Center (ISC)

Internet Storm Center (ISC)

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with ISPs to fight back against the most malicious attackers.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

Destel

Destel

Destel is a system integrator and provider of IT services focused on Advanced Network & Security Solutions.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

ECOMPLY

ECOMPLY

ECOMPLY is an all-in-one GDPR Compliance Solution. Efficient data protection management system for businesses and DPOsomply.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

Cysiv

Cysiv

Cysiv SOC-as-a-Service combines all the elements of an advanced, proactive, threat hunting SOC, with a managed security stack for hybrid cloud, network, and endpoint security.

Adlumin

Adlumin

Adlumin Inc. provides the enterprise-grade security operations platform and managed detection and response services that keep mid-market organizations secure.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

Nanitor

Nanitor

Nanitor is a powerful cybersecurity management platform focusing on hardening security fundamentals across your global IT infrastructure.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.