DHS Issues Hacking Alert to Small Plane Owners

first_imgThe Department of Homeland Security has issued a security alert for small plane owners, warning them that modern flight systems remain vulnerable to hacking if someone manages to gain physical access to an aircraft.An alert from the DHS critical infrastructure computer emergency response team recommends that plane owners restrict unauthorized physical access to their aircraft until the industry comes up with safeguards to address the issue, which was discovered by Boston-based cybersecurity company Rapid7.The agency adds there is no evidence that anyone has exploited the vulnerability at this point, but that officials had confirmed the security flaw and decided that it was necessary to issue the alert.Rapid7’s tests showed that an attacker could possibly disrupt electronic messages from being transmitted across a small plane’s network by attaching a small device to the aircraft’s wiring. Subsequently, engine readings, compass data, altitude and other readings “could all be manipulated to provide false measurements to the pilot,” states the DHS alert.Large aircraft typically use more complex systems and are required to meet additional security requirements. The DHS alert also does not apply to older small planes, which use mechanical control systems.Jeffrey Troy, president of the Aviation Information Sharing and Analysis Center, echoes the need to improve security in networked operating systems, but adds that hacking depends on being able to bypass physical security controls that are mandated by law. He concludes that with access, “you have hundreds of possibilities to disrupt any system or part of an aircraft.”The Federal Aviation Administration said in its own statement that a hacking scenario is unlikely, but that the Rapid7 report is “an important reminder to remain vigilant” regarding physical and cybersecurity aircraft procedures.last_img

Leave a Reply

Your email address will not be published. Required fields are marked *