Warning For Pilots To Counter Airborne Hacking

As the military helicopter lifts off the ground and heads skyward, the numbers on the altimeter suddenly stop ticking upward. The rumble of the helicopter’s engines fades and the chopper starts losing altitude. A second later, a dire warning flashes in red on a cockpit screen: “Cyber Anomaly.”

The helicopter is under attack, but not from missiles or guns. Seconds later, it smashes into the ground. But this pilot is not in a real helicopter, just a small simulator set up in a conference room of a high-rise office building in Virginia.

The pilot is in fact part of a Raytheon team that is building a new warning system it calls CADS (Cyber Anomaly Detection System) that tells pilots when their planes are being hacked, something the US military expects to happen in the battles of the future.

Speaking to DefenseOne, a  Raytheon spokesman said,  “Basically, we’re trying to give the pilot the information about what’s happening internally on his aircraft in real time.... we’re telling him what’s going on and allowing him to make decisions about what he needs to do to correct the problems.”

Inside most aircraft, important electronics are plugged into a serial data bus. The bus used in many U.S. military planes was developed in the 1970s and “still have not been updated for security,” according to Raytheon.

“You GPS talks on it, your fuel valve switches are on it, your autopilot is on it and other avionics systems all communicate over this bus,” Fry said. “What we found is as technology has increased and more and more [commercial] products are put in aircraft, there’s more of an attack surface for cyber threats to go onto the platform.”

Raytheon began developing this Cyber Anomaly Detection System three years ago after receiving “customer feedback” about “vulnerabilities in aviation platforms,” Raytheon is funding the project itself won’t say if the systems is deployed on U.S. military aircraft.

Pentagon officials have increasingly been talking about weapon cyber vulnerabilities and the need for companies “harden” their products. Hackers can get into military and commercial aircraft, vehicles, and even missiles and bombs by infecting them with malware, by plugging an infected cell phone into one of the aircraft’s USB ports, or even wirelessly. 

In the simulation the the helicopterwas injected with malicious code wirelessly from a tablet. The code caused the helicopter’s engines to shut down. While the pilot was able to disable the helicopter’s wireless receiver before hitting the ground, he was not able to stop its fall.

Raytheon says the technology could be used to detect cyber intrusions on drones, vehicles or even missiles and although its product can currently only detect attacks, new versions may be able to fight them off and repair the damage.

“In the future we’re looking more in that direction, but right now we’re starting with a passive system, so we won’t interfere with the bus......We’re just going to leave the human in the loop and leave the pilot in control and make him aware of his surroundings so that he can take the actions.” Raytheon's spokesman said.

Raytheon:           DefenseOne:       

You Might Also Read:

Aircraft Can Be Successfully Hacked In-Flight:

 

« Using Blockchain Against Counterfeit & Forgery
Serious Cyber Attacks In Singapore Reflect Poor Cyber Security »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Booz Allen Hamilton

Booz Allen Hamilton

Booz Allen Hamilton is a management & tech consulting firm. Technology services include cloud computing, cyber security, systems development and integration.

Chatham House

Chatham House

Chatham House is an independent policy institute based in London. Topics cover foreign affairs and defence including cyber security.

Hillstone Networks

Hillstone Networks

Hillstone Networks offers a broad range of security solutions for enterprises and data center networks – whether physical, virtual, or in the cloud.

Olfeo

Olfeo

Olfeo is a content filtering software vendor. Our proxy and filtering solution helps our customers to manage, monitor and secure their Internet traffic.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

Digital Magics

Digital Magics

Digital Magics is an incubator for innovative startups which offer content and services with high technological value. Areas of focus include IoT, Enterprise Software, AI, Industry 4.0 and Blockchain.

tTech

tTech

tTech is the first and foremost company providing outsourced Information Technology solutions to businesses in Jamaica.

Rimstorm

Rimstorm

Rimstorm’s mission is to significantly improve the security of your data using award-winning, state-of-the-art technology combined with cyber managed security services.

Lavabit

Lavabit

Lavabit's Dark Internet Mail Environment is a secure, open-source, secure end-to-end communications platform for asynchronous messaging across the internet.

McKinsey & Company

McKinsey & Company

McKinsey & Company is a global management consulting firm. We are trusted advisor to the world's leading businesses, governments, and institutions.

Troye Computer Systems

Troye Computer Systems

Troye provide a complete range of digital workspace solutions that empower people to do their very best work in a safe and secure manner anywhere, anytime, using any device.

Cyderes

Cyderes

Cyderes (Cyber Defense and Response) is a global, pure-play, full life-cycle cyber security services provider formed from the merger of Herjavec Group and Fishtech Group in 2022.

Cloud Software Group

Cloud Software Group

Cloud Software Group provides mission-critical software to enterprises at scale.

BlazeGuard

BlazeGuard

At BlazeGuard, we understand that navigating the complex world of cybersecurity can be challenging. That’s why we make it our mission to simplify the process for you.

CardinalOps

CardinalOps

The CardinalOps platform continuously assesses your detection posture and eliminates coverage gaps in your existing detection stack so you can easily implement a threat-informed defense.

Lumos

Lumos

Lumos, the Unified Access Platform to manage all access to apps and data.