Page 1 of 1

Boeing 757 Testing Shows Airplanes Vulnerable to Hacking

Posted: Mon Nov 13, 2017 8:01 am
by HJ1an
“We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration,” said Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology (S&T) Directorate.

“[Which] means I didn’t have anybody touching the airplane, I didn’t have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.” Hickey said the details of the hack and the work his team are doing are classified, but said they accessed the aircraft’s systems through radio frequency communications, adding that, based on the RF configuration of most aircraft, “you can come to grips pretty quickly where we went” on the aircraft.



http://www.aviationtoday.com/2017/11/08/boeing-757-testing-shows-airplanes-vulnerable-hacking-dhs-says/

Re: Boeing 757 Testing Shows Airplanes Vulnerable to Hacking

Posted: Mon Nov 13, 2017 1:39 pm
by jwocky
Well yeah, not a new subject. Of course, it is a subject kept mostly silent in the world of "professional" security experts because nobody has figured out yet, how to solve it and probably even more important, how to make a crazy money with it. And there is of course a lot of politics involved as well.
See, just some years ago, everybody went to "the cloud". It appeared so nice to have access to your data from everywhere and every device. No data on "the other computer" anymore. And of course, every cloud service provider promised you, it's entirely save. Well, we get nowadays about 4-6 spectacular cloud hacks per year when millions of identities are stolen from cloud-based business infrastructures of big mall chains for example. The FBI, the NSA and as it ready between the lines, the CIA were hacked for a while almost monthly. It seems, it became a little better now, but we can't be sure, is it because technology got better or just because the covering up got better.
Now, think a step down the line. If you have a hacked cloud, you can shut it down and have days to figure what happened. Aside of stolen customer identities, you can't drive a mall into a mountain or on reef. They are buildings, they don't move. Hacked or not, they just don't move. But now think about a ship. Modern ships use autopilots as well. They also depend on electronic and computer-interpreted navigation systems. So, if a ship is hacked, it can be for example steered on ground. Or somewhere where it shouldn't go. No big deal? Switch off the computer and sail old-school? Well, first you have to notice something is wrong. And now, you have no days to figure it out, you have maybe hours to understand, the position your computer based on the omnipresent GPS shows you is wrong. Now don't think just any ship. Think about USS Virginia class nuclear submarines or think about USS Zumwalt class destroyers. Or God beware, Ohio class SSGNs and SSBNs. Did you know, the idea to save money by using off-the-shelf-components brought Windows on submarines that carry nuclear warheads, ICBMs and cruise missiles? There are actually a lot of ships and submarines out there that could be hacked. Maybe not to the point, they fire their weapons under hacker control, but at least to the point, navigation is compromised. Which, given they operate sometimes quite near to the border of some nation's territorial waters, is a problematic thing.
Now think plane. A plane is fast. If a hacker is in, you have maybe minutes to figure, someone compromised your system. Now everybody has this horror image in his mind of a plain going down nose first into the ground. But imagine other scenarios first. Imagine a course change not noticed by the flight crew. Right into NKorean air space for example. Or short after a take-off into mountainous terrain. If a hacker sets pitch to -50 degrees, pilots notice. But if the change the course and can make it look on the displays as if the course is right? Especially in a night flight, there is not much chance. And then, you have only minutes. And even if you notice something, the flight crew has to switch off the computers and fly manually. Manually without all those neat toys they are used to.
I am also not sure, the statement made in this article, that newer planes are save in this matter. Newer planes have more connected and integrated systems. Their software is maybe designed under what is considered "state of the art" security, but we all know what that means. State of the art software is the one hacked next week, not last week and that's the whole difference.
So yes, it is a long known theoretical problem and it is only theoretical yet because nobody actually did it yet and crashed an airliner in a mountain. As far as we know, of course. Here is the thing, people forget: Once someone has done it and one airliner goes down for example, what happens next? See, at least some hints how he did it are out there, in the Internet. So the next one hasn't to try around for months but only for weeks. He leaves traces too or maybe put the whole recipe in the Internet to inspire others. So, hacks three and following take only days. While a whole industry will need months to stop at least he worst wholes. Which means, once the first plane goes down from such a reason, we can't just say, it is a discrete incident because it is like a contagious sickness. The longer it goes, the more planes get compromised.
So yes, it's highest time, someone pays attention to this problem.

Re: Boeing 757 Testing Shows Airplanes Vulnerable to Hacking

Posted: Tue Nov 14, 2017 12:17 am
by HJ1an
Yeah, obviously I am no expert at this, but sometimes I think the western world had lagged in security for the past 10 years or so, and failed to upkeep /upgrade older tech to be less vulnerable.

But obviously again I don't know what I am talking about ;P.

Anyway, the point is, everything seems to be going obsolete blindingly quick..

Re: Boeing 757 Testing Shows Airplanes Vulnerable to Hacking

Posted: Tue Nov 14, 2017 2:33 pm
by jwocky
The "western world" had always this enthusiasm about technology and what can be done with it without thinking things through to the end on safety and security levels. Not only since ten years. On a safety level, we had the time of the first cathedral builder who build always higher and mightier because they could, but forget, the weight has to sit on something. Which is the reason, you can't visit too many of the first generation of big European cathedrals anymore. They crumbled. The second generation got some influence from the outside and mathematics and architectural elements and and and and, long story short: "gothic" was the new hype. Now, about 2/3 of all those big gothic cathedrals are actually still around. The other third is gone, by wars, but mostly because people forgot to check out the piece of land they were building them. If there was rock under it well, that was good. If it was sand ... not so good.
See, an element in western culture is to do things, just because they can be done. A second element is to assume, all people in the generations before us where stupid stumbling idiots who had no idea and we are so much better now, we don't even need to look at what went wrong back then, we don't even need to learn from the past.

Hacking into communication, that's a security issue, right? Compromised encryption for example. Now, every year, the encryption of websites is broken. Nevertheless, Firefox and some others force everybody to use the encryption system that is broken every year again, not once, but a million times. Why? Because the general assumption is, the encryption is genius, all the problems are only caused by compromised user accounts and people who write their passwords down. Here is the funny thing: The Germans in WWII thought the same. They thought their ingenious encryption machine "Enigma" was secure. It was not and when the Allied broke into their code system, it became one of the things that helped them to win WWII. The first part of it was compromised in November 1940, the so called submarine-weather-code, which happened coincidentally pretty much on the day 76 years ago. So, getting hacked is not new, as history proves. The oldest hacking case I know stems from the early 13th century. Knights Templar used light signals and a kind of Morse code like system but the Byzantines had figured out their code and attempted to use it to confuse the crusaders under Henry of Flanders. But then, the Byzantines didn't know, the crusaders knew they knew. Convinced by "faked" messages, they amassed the only good heavy infantry they had in the wrong spot and the western knights broke through a weak spot at Adramyttion in 1205. Espionage, hacking, counter-espionage in 1205 with actually all the ingredients we saw 800 and something years later again when the DNC was hacked. And Hilary's emails. And the FBI. And the new NSA data center. And ... well, you get the gist.

The basic problem is not one specific software, the problem sits a lot deeper, and yes, it is a western world problem, or rather a western culture problem. But since in those technological areas, the western world makes the music, the whole world dances after it. The funny result is, we have nuclear submarines now who can suffer from regular Windows viruses. Not only in the US. The latest British and French models too. But there are reports, the latest Russian Boomer generation has also the same problem and rumors has it, even the Chinese 9-4 subs as well.

Here is something to think about: Modern cryptology is based almost exclusively on the use of gigantic prime numbers. The idea is, to figure out such a number takes so much time and computer power, that a regular hacker can#t do it. Which, so the official opinion, reduces the hacking risk to compromised user accounts and in some cases classic espionage methods. So, up to that level, it sounds all nice and logic. The longer a key, the longer you need to break it by brute force. The point not even questioned is, does a hacker need brute force? Or can he find the needed keys on some other ways. In many cases, he can. For example, modern planes get updates for routes when they are connected during maintenance to a network. So, basically, there is a maintenance account hidden in any commercial liner's software. Now, if someone can for example hack into the entertainment network from inside the plane and this entertainment network is not 100% separated from the flight network, what could here go possibly wrong?
Aside of it, the theory, that it takes so long to figure out the prime numbers for encryption is a theory. Look up Riemann hypothesis. It is, as of yet, not completely proven, but the hypothesis is actually, there is a function that can produce large prime numbers. Well, simplified picture of course.