By Ori Bach
General Manager & VP of Products
Are We In Danger?
There is a rising concern today in aviation security. The potential for cyberattacks on aircraft, something that might just be as scary as it sounds, is becoming more realistic than ever.
Recently, the White House issued a new national strategy highlighting the emerging threats that “pose the greatest challenge to the entire Aviation Ecosystem,” and they put malicious cyber-attackers #1 on the list. It’s something that the Federal Aviation Administration, the Department of Defense and other agencies have been concerned about for many years.
With airplanes increasingly connected and computerized, the possibilities of hacking an airplane have become real. Attacks on commercial aircraft have occurred for the past several years, including hacks of data communications between pilots and controllers on the ground, airline operations systems and in-flight entertainment systems. Additionally, a cyberattack against Warsaw’s Chopin airport caused a number of flights to be delayed and cancelled altogether.
This shouldn’t come as a surprise, hackers have been using these tactics on airplanes for years.
The US government wanted to test how easy it is to hack into a Boeing 757 as it sat on the runway in New Jersey. They were easily able to accomplish a remote, noncooperative, penetration. The details of the hack were classified but they used a combination of radio frequency communications to break in; “It was no big deal” said the (ethical) hacker either. The pilots and staff members had no idea that the airplane was hacked and since the hacker didn’t touch the airplane, there was no insider threat.
Passenger airplanes today also have a Wi-Fi design that leave them vulnerable to hacking.Boeing 787s, as well as Airbus A350 and A380 airplanes, have Wi-Fi passenger networks that are on the same network as the avionics systems of the airplanes, raising the possibility that a hacker could hijack the navigation system or commandeer the plane through the in-plane network. When put to the test, security researchers were able to easily hack into the controls of a United Airlines plane in midair via the inflight entertainment system.
Back in 2013, a cyber researcher hacked an airplane’s controls system with just his cell phone!
These are just a few examples that illustrate that dangers that airline companies expose their passengers to – due to vulnerabilities that exist in passenger airplanes.
How can airline companies protect themselves?
Let’s go back to the beginning and look at how all these attacks happened. At TrapX Security, we like to ‘get into the head’ of the attackers and use an attacker’s mindset to think one step ahead.
First of all, all of these attacks have one thing in common – the hackers looked for a vulnerability and then they exploited it. This can be the airplane’s server, the radio frequency communications, the plane’s WI-FI system, or anything else that’s exploitable.
What if airline companies can emulate all of these systems and have them installed as traps on their airplanes? Any attack or tampering attempt would be instantly detected by the traps.
TrapX’s powerful emulations can take the shape of literally anything.
Our solution’s latest version, DeceptionGrid 6.2, enables customers to build their own traps – and they can be emulated to be anything – not just what cyber security companies currently have to offer. This can include an airplane server trap, a radio frequency communications trap, a WI-FI router trap, or anything that hackers can find as interesting to exploit and we can emulate it.
In addition, various unique traps can be created by our users and be shared in our user community: the DeceptionNet Community, where our users can also share deception strategies and best practices with one other.
When airline companies place these types emulated traps in their airplane systems, they can instantly detect if any malicious activity is happening. If a hacker tries to do any kind of attack on an airplane, he will encounter a trap and get caught instantly – alerting the airline’s security team – since nobody should be touching something that isn’t real.
When airports and aviation companies are empowered with this type of deception technology, they can truly protect passenger safety, while giving their customers a concrete sense of security while traveling and enabling them to reach their destination safely.
To learn more about the various approaches to cyber deception, and to better understand cybercriminals, check out the latest whitepaper by the SANS institute.