Alleged Airline Hack May Expose Transit Vulnerabilities
Airplanes aren't the only ones that could become targets, experts say.
-- An alleged hacking incident on a plane has raised questions about the prospect of someone remotely taking over the cockpit controls, which some industry and security experts fear is more possible than many would hope.
"Aviation is becoming more and more vulnerable as you add things like Wi-Fi and Bluetooth and now we have streaming sat-com [satellite communications] coming into your airplane," said Stephen Ganyard, a former Marine Corps fighter pilot and ABC News consultant. "So all these things make our lives easier, they make these fights more enjoyable as we travel around the world but it also makes us much more vulnerable."
These added technologies give "hackers the opportunity to inject themselves into places where we don't want them, such as cockpit controls," Ganyard said.
The concern was highlighted after the FBI issued an affidavit to search the computers belonging to security expert Chris Roberts, who told investigators that he hacked a plane's in-flight entertainment system 15 to 20 times and was also able to cause the engines to rev up, which allegedly led to "a lateral or sideways movement of the plane," according to court documents.
Robert Siciliano, an online safety expert with Intel security, has met Roberts in the past and described him as an "ethical hacker," sometimes called a "white hat."
"His expertise is not to take down a plane, it's to makes sure that doesn't happen,” Siciliano told ABC News of what he knows of Roberts' work.
Roberts declined to speak to ABC News but has been actively posting to his Twitter account.
Federal sources told ABC News that they believe it is extremely unlikely that someone could hack a plane's control system while in the air. United Airlines also said that the company is confident Roberts' claims are unfounded.
Siciliano said that it is entirely possible, and likely, that many planes have their various control systems on the same network as in-flight entertainment or communications networks, which creates an opportunity for a hacker to enter through one system and affect another.
"The airlines and the manufacturers, they're not going to disclose these vulnerabilities to the public and even if a researcher discovers them it's going to take time for an airline to make changes within their systems," Siciliano said.
"I would imagine that as a result of this particular exposure and vulnerability, everybody's taking a look at their existing systems," he said.
Airlines are not the only mode of transportation that needs to be concerned about possible hacks and other security lapses that could have deadly consequences, experts said.
Traffic light systems have been hacked both in real life and in the movies in the past, and Siciliano said that one threat facing such systems is vulnerable passwords that can be hacked just as any passwords could provide unintended access to personal systems.
Ganyard also pointed out how both ends of the technological spectrum -- from older systems to newer models that are reliant on technology -- pose their own problems.
"We've seen some really scary hacks of people having their cars hacked," Ganyard said. "They'll brake when they don't want them to brake, accelerate when they don't want to. Think about ships -- ships have satellite communications and that's a big opportunity for hackers to do things like shut down engines, freeze controls. All these things are vulnerable because they were designed before this cyber age.”