Aviation securityGlobal air control system largely defenseless against hacking
The ADS-b system, the multi-billion dollar communication system deployed at airports around the world over the last few years, has two major flaws: first, it has no means of verifying who is actually sending a message, which means that a hacker can impersonate an aircraft and send malicious and misleading information to control towers and to other aircraft; second, the position, velocity, and other information broadcast by aircraft is not encrypted and can be grabbed from the air; a presenter at the Black Hat cybersecurity event showed how it is possible to use the information to plot the route of Air Force Phone on an iPad; these two vulnerabilities can be easily exploited by anyone with modest technical skills and about $2,000 worth of electronics
Air traffic control systems are largely defenseless against hacking // Source: buffalo.edu
The world’s air traffic control system is exceedingly vulnerable to hackers. This reality was demonstrated yesterday, Thursday, by Andrei Costin at a Black Hat gathering of cyber defenders in Las Vegas.
“This is for information only,” Costin emphasized as he outlined how someone with modest tech skills and about $2,000 worth of electronics could vex air traffic controllers or even stalk celebrities traveling in private jets. “Everything you do is at your own risk.”
AFP reports that Costin was pointing to the vulnerability of the ADS-B system, a multi-billion dollar communication system deployed in many airports around the world over the last few years for the purpose of improving communications between aircraft and control towers, and among aircrafts while in flight.
The glaring flaw of the ADS-b system: it has no means of verifying who is actually sending a message. This oversight by the system’s designers allows hackers to impersonate aircraft. “There is no provision to make sure a message is genuine,” he said. “It is basically an inviting opportunity for any attacker with medium technical knowledge.”
If air traffic controllers suspect the signal comes from a fake airplane, the only way available to them to ascertain the identity of signal sender is to resort to cross-checking flight plans, putting portions of air space off limits while they work.
“Imagine you inject a million planes; you don’t have that many people to cross-check,” Costin said. “You can do a human resource version of a denial of service attack on an airport.”
AFP notes that aviation agencies have experience identifying and locating rogue transmitters on the ground, but not at countering signals from drones or other robotic aircraft which are becoming more common and available.
Costin said that another danger in the new-generation air traffic control system is that position, velocity, and other information broadcast by aircraft is not encrypted and can be snatched from the air. “Basically, you can buy or build yourself a device to capture this information from airplanes,” Costin said.
In his Black Hat presentation, Costin showed how a friend of his was able to identify a plane broadcasting the identification numbers of Air Force One, the military jet used by the U.S. president, and plot Air Force One’s route on a map on an iPad.
“It can be a very profitable business model for criminals to invest a small amount of money in radios, place them around the world” and then sell jet tracking services or information about flights, Costin said. “If it was Air Force One, why does Air Force One show itself?” Costin wondered aloud. “It is a very high profile target and you don’t want everyone to know it is flying over your house.”
Since aircraft registration numbers are public — there are Web sites with databases matching aircraft registration numbers with the aircraft owners — this means that criminals or terrorists can track Air Force One or any other private plane for the purpose of doing harm to it. Air Force One is equipped with anti-missile defenses and jammers, and it always accompanied by a protective envelope of fighter planes, but other private are not, and are thus vulnerable.