Our planes are now 'big flying mobile devices' and top hacking targets

Our planes are now 'big flying mobile devices' and top hacking targets

If we don't change our "closed network thinking," the situation could become very serious in the future.


A rapid increase in the power and scale of cyberattacks has affected industries worldwide and the aviation sector is no exception.

We've begun to skim the top of what a successful cyberattack against a player in the aviation industry can achieve. In 2015, for example, LOT was forced to cancel 10 flights and delay over a dozen after a successful cyberattack was launched against the Polish airline's ground systems.

We've also seen passport control systems disrupted at Istanbul's Ataturk and Sabiha Gokcen airports and earlier this year, cyberattackers were able to hijack flight information screens and sound systems inside Vietnam's Noi Bai and Tan Son Nhat airports to display their own political messages.


Fortunately, there have been no incidents so far which have seriously placed fliers at risk while they are in the air and are the responsibility of air traffic control and pilots.

However, some security experts believe it is only a matter of time before cyberattacks lead to something far more dangerous than a canceled flight or long check-in queue.

Venafi chief cyber-security strategist Kevin Bocek told ZDNet that in many cases aviation computer systems are "more vulnerable to attack than other critical systems such as those used in banking and retail" and are yet to catch up to modern cybersecurity standards.

Booking systems, for example, are updated often and designed with threat defense in mind but other systems -- such as air traffic control and ground-to-aircraft communications -- were created originally to operate over closed networks, and are therefore updated with security improvements and threat signatures less often.

According to Bocek, while modern applications are "built assuming there is no perimeter," the use of outdated software and old, vulnerable code in aviation systems highlight "closed network thinking" which offers fewer internal defenses against attackers that breach a system.

In order to get there, however, attackers need to pick an attack vector.

In-flight Wi-Fi and entertainment systems alongside air traffic control, booking systems and communication systems may be targets. On the aircraft itself, the network topology of the aircraft -- including passenger entertainment and owned devices domains, airline information services, aircraft control domain and data processing systems which all share SATCOM equipment - are also potential areas to exploit.

Ruben Santamarta, principal security consultant at IOActive told ZDNet that an additional problem is that avionics systems should be present in the aircraft control domain, which ideally should be physically separate from passenger network domains.