You can get some pretty cool gadgets that can be remote controlled by your smartphones and tablets, such as helicopters, cars, and even tanks. But who wants one of those when you can control the real think?
At the Hack in the Box security conference in Amsterdam this week, Hugo Teso, a pilot turned IT technician, demonstrated the ability to remotely hijack an airplane using a smartphone and a radio transmitter.
Thanks to his 12 years of experience as a commercial airline pilot, and 11 years experience in IT, Teso has a good idea how aviation systems work. He explained to attendees at Hack in the Box that two of the most important ones — the Automated Dependent Surveillance-Broadcast (ADS-B) and the Aircraft Communications Addressing and Reporting System (ACARS) — are completely unencrypted and unauthenticated.
That means that as long as you have the tools and the know-how, you can gain access to these systems remotely without having to break through any kind of security.
Teso demonstrated this with an “exploit framework” called SIMON and an Android app called PlaneSpoit, which you won’t find in Google Play. These applications, coupled with a radio transmitter, allowed Teso to search for vulnerabilities in a fleet of virtual aircraft (using real aircraft would be stupid and dangerous) and then deliver malicious messages that could affect the “behavior” of the plane.
Teso was then able to control the aircraft from his Android handset and change its flight path, as you’ll see in the short video below.
PlaneSploit uses the Flightradar24 live flight tracker to find aircraft in range, but it’s worth noting that Teso’s proof-of-concept could only be used in a virtual environment. In real life, you would need antennas capable of reaching a plane, or you’d have to hijack the actual antennas used by airlines.
Nevertheless, it’s pretty incredible that Teso was able to pull off this stunt using an Android smartphone and a few pieces of software. It’s even more incredible that the aviation industry — in which safety and security are of utmost importance — uses software that is so easily hacked.
Unsurprisingly, Teso hasn’t shared most of the juicy details regarding the tools he uses, because the vulnerabilities they exploit are yet to be fixed. He says, however, that he’s been “pleasantly surprised” by the industry’s reaction to his research and discoveries, which have vowed to aid him in his research.
Teso believes that it’ll be fairly easy to patch modern aviation systems and prevent these hacks. Thank goodness for that.