Hackers could haunt global air traffic control: researcher

Jul 27, 2012
An air traffic controller monitors flights while working in the Terminal Radar Approach Control center in 2011 in Denver, Colorado. Air traffic control software used around the world could be exploited by hackers to unleash squadrons of ghost planes to befuddle those entrusted to keep the skies safe, a security researcher said Thursday.

Air traffic control software used around the world could be exploited by hackers to unleash squadrons of ghost planes to befuddle those entrusted to keep the skies safe, a security researcher said Thursday.

Cyprus-based Andrei Costin demonstrated his findings at a gathering of cyber defenders that ends Thursday in Las Vegas.

"This is for information only," Costin said as he outlined how someone with modest tech skills and about $2,000 worth of electronics could vex controllers or even stalk celebrities traveling in private jets.

"Everything you do is at your own risk."

Costin's target was an ADS-B system in place for aircraft to communicate with one another and with systems at airports.

The system, which has been rolled out internationally in recent years in a multi-billion dollar upgrade, was designed to better track aircraft so airport traffic can flow more efficiently.

A perilous flaw is that the system is not designed to verify who is actually sending a message, meaning that those with malicious intent can impersonate aircraft either as pranks or to cause mayhem, according to Costin.

"There is no provision to make sure a message is genuine," he said.

"It is basically an inviting opportunity for any attacker with medium technical knowledge."

Air traffic controllers faced with a signal from a fake airplane resort to cross-checking flight plans, putting relevant portions of air space off limits while they work.

"Imagine you inject a million planes; you don't have that many people to cross-check," Costin said. "You can do a human resource version of a on an airport."

attacks commonly used by hackers involve overwhelming websites with so many simultaneous online requests that they crash or slow to the point of being useless.

Aviation agencies are adept at identifying and locating "rogue transmitters" on the ground, but not at countering signals from drones or other robotic aircraft becoming more common and available, according to the researcher.

Another danger in the new-generation air system, according to Costin, is that position, velocity and other information broadcast by aircraft isn't encrypted and can be snatched from the air.

"Basically, you can buy or build yourself a device to capture this information from airplanes," Costin said.

He listed potential abuses including paparazzi being able to track private jets carrying celebrities or other famous people.

Costin showed how a friend was able to identify a plane broadcasting the identification numbers of Air Force One, the military jet used by the US president, and plot it on a map on an iPad.

"It can be a very profitable business model for criminals to invest a small amount of money in radios, place them around the world" and then sell jet tracking services or information about flights, the independent researcher said.

"If it was Air Force One, why does One show itself?" Costin wondered aloud. "It is a very high profile target and you don't want everyone to know it is flying over your house."

There are websites with databases matching aircraft registration numbers with listed owners.

Explore further: Bose sues Beats over headphone patents

add to favorites email to friend print save as pdf

Related Stories

US Air Force calls drone fleet virus a 'nuisance'

Oct 13, 2011

A computer virus that hit the US drone fleet last month created a "nuisance" but no serious threat to flight operations for the unmanned aircraft, the US Air Force said Wednesday. ...

NASA aircraft to study air pollution

Jun 29, 2011

(PhysOrg.com) -- Two NASA research aircraft will fly over the Baltimore-Washington area of northeastern Maryland through July as part of a mission to enhance the measurement of ground-level air quality from space.

Ames Researcher Revolutionizes Air Traffic

Mar 25, 2010

(PhysOrg.com) -- Forty-five years ago, 27-year old Heinz Erzberger arrived at NASA Ames Research Center, Moffett Field, Calif. armed with a new doctorate in mathematics and engineering. In 1973 Erzberger began ...

Space Image: Flight test

Jun 20, 2011

In this image from November 2010, the U.S. Air Force's ACAT F-16D flew through Sierra Nevada canyons and past peaks during ground collision avoidance test flights.

US Air Force: We want to use biofuels

Jul 19, 2011

The US Air Force is ready to switch to biofuels to help power its warplanes but the price of alternative fuels remains too high, military officials said Tuesday.

Audit: Air traffic systems vulnerable to attack

May 06, 2009

(AP) -- The nation's air traffic control systems are vulnerable to cyber attacks, and support systems have been breached in recent months allowing hackers access to personnel records and network servers, according to a new ...

Recommended for you

Scalping can raise ticket prices

7 hours ago

Scalping gets a bad rap. For years, artists and concert promoters have stigmatized ticket resale as a practice that unfairly hurts their own sales and forces fans to pay exorbitant prices for tickets to sold-out concerts. ...

User comments : 6

Adjust slider to filter visible comments by rank

Display comments: newest first

Foolish1
not rated yet Jul 27, 2012
Defcon is a lot of fun but if you go thinking you will learn something noone else didn't already know you will be very disappointed.
antialias_physorg
5 / 5 (1) Jul 27, 2012
A perilous flaw is that the system is not designed to verify who is actually sending a message, meaning that those with malicious intent can impersonate aircraft either as pranks or to cause mayhem

DDOS a runway? Make an airport inaccesible with a cloud of virtual planes overhead? Force approaching airplanes to take drastic evasive maneuvers in bad weather because of an illusionary possible collision course? The possibilities for mischief are endless.

There is no provision to make sure a message is genuine

that position, velocity and other information broadcast by aircraft isn't encrypted

Holy crap - who designs something like this? Decent encryption. Digital signatures. That's not rocket science. You have that in most any distributed product today as a 'must have' feature.
alfie_null
not rated yet Jul 27, 2012
Holy crap - who designs something like this? Decent encryption. Digital signatures. That's not rocket science. You have that in most any distributed product today as a 'must have' feature.

That's because security was subsequently shown to be necessary. Rarely is it proactively included. We now use ssh rather than telnet. Google now funnels requests through ssl. Email now largely via smap.

It's hard to justify committing resources to defending against a hard to quantify threat. It's probably always going to be this way.

OTOH, maybe I'm being too cynical. Thoughtful (and ethical) designers could specify inclusion of security provisions (and perhaps inclusion of security cognizant members of the design team). Then it's up to managers to engage in whatever CYA activities they deem necessary.
antialias_physorg
5 / 5 (1) Jul 27, 2012
Rarely is it proactively included.

In medical applications (which is what I'm working on) it's standard (to be more precise: it's absolutely required) to have user identification, user logging, encryption, secure connections and whatnot.
This is to the point where the internal systems of most hospitals are positively forbidden to even have an outside/internet connection.
'Secure data transport' literally consist of burning stuff to DVD and physically carrying it to another hospital.

And this is not the result of a lot of medical stuff getting hacked in the past. This is just common sense that someone with free/unauthorized access to medical data can do a lot of mischief.
This seems no less obvious for any other system that can threaten life (transport, energy, etc.) to me.
I'm completely dumbfounded that there is nothing of that sort in aviation.
OZGuy
not rated yet Jul 27, 2012
I work as a Software Engineer for a financial group. We CANNOT release any software that is not secured/encrypted and basically fire walled to death. These are predominately internal applications; move to customer facing i.e. Internet accessible and the security rules go exponential. We have to obtain an independent penetration testing clearance at a minimum of every 6 months if the software is not modified and immediately on ANY code changes. We cannot use the same certified penetration testing company back-to-back to ensure we're not just getting the same report as last time. Basically we're paranoid!

We handle money and IF we were hacked no-one dies; I'd like to think that aviation security was even tighter, apparently NOT!
Foolish1
not rated yet Jul 27, 2012
That's because security was subsequently shown to be necessary. Rarely is it proactively included. We now use ssh rather than telnet. Google now funnels requests through ssl. Email now largely via smap.

What security?

SSH is only secure if you ignore the leap of faith at the beginning.

Email is not secure. Who is validating the trust chain? There is currently no credible trust anchor available.

SSL is only secure if you believe ALL hundreds of intermediaries issuing certs are trustworthy. Given prior known incidents you can count me out.

In this case if signals were encrypted other pilots would not have access to them which is a large reason for this system. Same basic ideas apply to the VHF. Treating a navigational aid as secure is worse in my view than assuming it can provide false information at any time.

This system is no different than AIS used successfully for years. Your existing tools don't just go away.