It sounds incredible: the ability to tap into a commercial airliner’s onboard systems as it flies thousands of feet overhead. But a cyber expert told a security conference he’s managed to do just that — hundreds of times.
The Black Hat cybersecurity conference currently being held in Las Vegas brings together a variety of experts to discuss the risks, pitfalls — and locations — of flaws in computer networks.
Ruben Santamara of IOActive has found a doozy, Forbes reports.
He’s found a weakness in the satellite communications network which provides aircraft with a wide variety of services — from passenger Wi-Fi to weather forecasts.
He says that, had he been inclined, he could peek into every connected phone, tablet or laptop on planes streaming overhead. And he did this by tapping into the antennas beaming data directly to each aircraft.
While commercial airliner’s onboard systems remained out of his direct reach, Santamara warns the access he gained gave him the hypothetical power to damage specific parts of an aircraft as satellite communications technology allowed the transfer of energy via radio frequencies.
This could potentially cause burns or damage sensitive equipment, he said.
Forbes reports the cybersecurity expert as saying the satellite-link flaws enabled him to tap into cargo ships and oil tankers. He says it also gave him the ability to track the location of supposedly top secret military bases.
Santamara says he’s reported his findings to the relevant airlines, satellite operators and government agencies. Some exploits, he says, remain open.
“I think there are still [open]attack vectors,” he told Forbes, warning the weaknesses will not be easy to fix. “In certain cases, it’s more of a design issue. It’s not going to be easy.”