Not the most comforting thought, but then again Black Hat is not an annual venue content with comforting its audience of hackers and security experts. They come to Black Hat events because they are out to learn more about the cybersecurity risks they need to address. A security consultant this week is to tell the Black Hat audience why and how passenger jets may be at risk of cyberattacks. Ruben Santamarta, principal security consultant at IOActive. said he has figured out how to hack satellite communications equipment on passenger jets through their Wi-Fi and inflight entertainment systems. Not surprisingly, tech sites on Monday were buzzing over his planned presentation this week, since satellite communications attacks, in the context of air travel, pose potentially such devastating consequences. Jim Finkle, Reuters correspondent, said the consultant's presentation is expected to be one of the most widely watched at the conference in Las Vegas.
According to Reuters, in theory, said Santamarta, a hacker could use a plane's onboard WiFi signal or inflight entertainment system to hack into avionics equipment. The result would be potentially disrupting or modifying satellite communications, and this could interfere with the aircraft's navigation and safety systems. Santamarta acknowledged that his hacks were tested only in controlled environments, such as IOActive's Madrid laboratory; they may be difficult to replicate in the real world.
The presentation is scheduled for Thursday, said Reuters. He had completed a 25-page research report earlier this year carrying details of what he said were bugs in firmware used in satellite communications equipment for industries, including aerospace, military, maritime transportation, energy and communications. "The report laid out scenarios by which hackers could launch attacks, though it did not provide the level of technical details that Santamarta said he will disclose at Black Hat,"said Reuters. Santamarta said he will respond to the comments from manufacturers during his presentation, added Reuters, and then will take questions in an open Q&A session after the talk.
"Satellite Communications (SATCOM) play a vital role in the global telecommunications system," wrote IOActive in a recent news release. "We live in a world where data is constantly flowing. It is clear that those who control communications traffic have a distinct advantage. The ability to disrupt, inspect, modify, or re-route traffic provides an invaluable opportunity to carry out attacks." The company said the Las Vegas presentation is to show technical details, "mainly based on static firmware analysis via reverse engineering," and is also to include a live demo.
Explore further: SR Labs research to expose BadUSB next week in Vegas
More information: — www.reuters.com/article/2014/08/04/us-cybersecurity-hackers-airplanes-idUSKBN0G40WQ20140804