Android Phone Can Hijack a Plane
One of the German security consultants told the Hack in The Box Conference that it is possible to hijack a plane using Android. A researcher, who has been working in IT industry for the last 11 years and is also a trained commercial pilot, pointed out that the security of both aviation computer systems and communication protocols was very vulnerable.
According to the security expert, they managed to build an exploit framework called SIMON and an Android app called PlaneSploit which could deliver attack messages to the planes’ Flight Management System. They showed how it was possible to take complete control of a plain. The hack in question targeted the Automatic Dependent Surveillance-Broadcast, which sent data about each aircraft via an on-board transmitter to air traffic controllers in order to let a plane equipped with the technology to receive flight, traffic and weather data about other aircrafts nearby.
They also managed to hack the Aircraft Communications Addressing and Reporting System, used by the pilots to exchange messages between the plane and air traffic controllers either through a radio or satellite, and to automatically deliver data about each flight phase. The security researchers pointed out that both targeted technologies were very insecure and susceptible to a number of passive and active hacker attacks.
During the attacks, the experts showed how they could misuse the Automatic Dependent Surveillance-Broadcast to select targets, and the Aircraft Communications Addressing and Reporting System in order to collect data about the on-board PC and to exploit its vulnerabilities by delivering spoofed malicious messages affecting the “behavior” of an aircraft.
The researchers developed the SIMON framework which was deliberately created only to work in a virtual environment and can’t be used on real-life plane at the moment. They explained that it was virtually impossible to detect the framework once deployed on the Flight Management System, so there’s no need to disguise it like a rootkit.