Sign up to our newsletter
While some experts claim the threat level for hacking planes is either impossible or very unlikely, as aircrafts adopt more wireless communications technology, this could change. In the UK, City University professor Dr David Stupples and a team of researchers are looking into ways of minimizing the risk in future.
Speaking to The Guardian, Stupples claims that a ‘digital compromise’ of an aircraft is possible, and that malware could be planted in aircraft systems in the form of a cyber bomb, where in-flight systems are disrupted sufficiently to cause a crash.
Stupples’ team is looking at innovative ways of preventing this. Their current ambition, according to City AM, is to build “a network in such a way that it could ‘reconfigure’ itself around the malware”. By spotting malware as soon as it appeared, Stupples explains that, “We can do that in a variety of ways which will hopefully not defeat, but outmaneuver the bad guys”. Shutting down non-essential systems would be the ‘most likely’ way to block hackers from getting to critical infrastructure.
While stating that it is possible, Stupples is keen to emphasize that any plane hacking is not currently a trivial exercise, and would require a great deal of knowledge for even the most experienced cybercriminal: “You have to get into the autopilot and to get into the autopilot and run it from somewhere you don’t know – it’s very difficult. You’ll have to have the whole network architecture of the flight system. And all of the interface points to that. Yes, it’s possible, but you have to have a great deal of knowledge.”
Indeed, as things stand, hacking airplanes could well be a overly complex way of causing mayhem. As Dr Phil Polstra, qualified commercial pilot and professor of digital forensics at Bloomberg University told The Guardian, physically ‘tinkering with the mechanics’ during maintenance would be a more obvious ‘hack’: “That would be a lot simpler and a lot more likely to be successful than a really high-tech attack.”
Author Alan Martin, ESET