DHS Hacked Airliner Systems

Gemini Sparkle

Key Takeaways:

  • The Department of Homeland Security (DHS) successfully performed a remote, non-cooperative hack of a Boeing 757's internal systems while it was on the tarmac at Atlantic City Airport, gaining comprehensive access.
  • The method of penetration is classified, but a DHS expert confirmed they established a presence on the aircraft's systems without any physical contact or insider help.
  • While newer aircraft models offer more robust security, this vulnerability is shared by an estimated 90% of the existing aircraft fleet.
See a mistake? Contact us.

The Department of Homeland Security has reportedly told a cyber security conference it was able to hack the internal systems of a Boeing 757 sitting on the ramp at Atlantic City Airport with no help from anyone on board or anywhere near the aircraft. “We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative penetration,” DHS cyber security expert Robert Hickey is quoted as saying by Avionics Today. “[Which] means I didn’t have anybody touching the airplane, I didn’t have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.” Hickey was speaking at the CyberSat Summit in Virginia Nov. 8.

How the hack was done is classified but Hickey suggested it gave the hackers comprehensive access to the aircraft’s systems. Hickey noted that newer aircraft like the Boeing 737 MAX and 787 and Airbus’s new A350 have more robust security but 90 percent of the fleet has the same vulnerabilities as that 757. Two years ago a security researcher claimed to have gained access to an airliner’s flight systems through its entertainment system but those claims were never verified.

Sign-up for newsletters & special offers!

Get the latest stories & special offers delivered directly to your inbox

SUBSCRIBE

Please support AVweb.

It looks like you’re using an ad blocker. Ads keep AVweb free and fund our reporting.
Please whitelist AVweb or continue with ads enabled.