Just an Android smartphone could be used by terrorists to hack into an aircraft’s control system, a security expert has warned.
Pilot and security consultant Hugo Teso revealed at this year’s Hack in the Box conference (in Amsterdam) that he has spent the last three years developing an application potentially capable of this.
Teso demonstrated how his Android app PlaneSploit could be used to hack into a plane’s security system and give the users control of the aircraft’s speed, altitude, and direction to provide a stark warning to the aviation industry. “You can use this system to modify approximately everything related to the navigation of the plane,” he told Forbes.
“That includes a lot of nasty things.” The PlaneSploit is designed to work only in virtual environments, but its creator was quick to point out that it could be modified to work on a real aircraft.
However, aviation security firms have expressed scepticism about Teso’s claims, with the Federal Aviation Administration (FAA) claiming that the technology he demonstrated “does not pose a flight safety concern”.
“The FAA is aware that a German information technology consultant has alleged he has detected a security issue with the Honeywell NZ-2000 Flight Management System (FMS) using only a desktop computer,” read a statement from the FAA.
“The FAA has determined that the hacking technique described during a recent computer security conference does not pose a flight safety concern because it does not work on certified flight hardware.
“The described technique cannot engage or control the aircraft’s autopilot system using the FMS or prevent a pilot from overriding the autopilot. Therefore, a hacker cannot obtain ‘full control of an aircraft’ as the technology consultant has claimed.”