If you have a fear of flying, this new information isn’t going to make it any better. The government has just issued an alert that small planes may be vulnerable to hacking.
There already have been incidents of hackers temporarily gaining control of large passenger jets. It was only a matter of time before small planes became targets for cybercriminals, as well.
Read on to find out how small planes can be hacked. We’ll also look at the cyber vulnerabilities of large jets.
DHS alert warns of small plane hacking
The Cybersecurity and Infrastructure Security Agency (CISA), which is overseen by the Department of Homeland Security (DHS), reports that small planes’ electronic systems can be hacked and fed incorrect information. The hacks could lead to a pilot losing control of the plane.
Unlike many other hacks that can be conducted remotely, cybercriminals need to first physically access the plane’s control board. Once in, the hackers can attach a device on the plane’s Controller Area Network, or CAN bus.
A CAN bus allows microcontrollers and devices to communicate with each other without using a host computer. CISA reports that once the device is attached, hackers can start feeding cockpit instruments incorrect data about altitude, airspeeds and even compromise the compass.
CISA recommends that owners restrict access to their small aircraft as much as possible. The agency also is calling on aircraft manufacturers to review the implementation of CAN bus networks that can block hacking devices.
Hackers began attacking large airplanes first
Since at least 2015, airlines installing Wi-Fi systems for customers began opening the possibility of hackers attacking passenger jets. You see, the Wi-Fi is on the same network as the flight computer.
Once a hacker gets around the firewall between the Wi-Fi and the flight computer, they can actually take control of the plane. Sure enough, it happened.
Just a month after these fears began to emerge, a security researcher told the FBI that he had hacked large passenger jets 15 to 20 times. He hacked the infotainment systems on the planes. On at least one occasion he was able to access the flight computer and commanded one engine to “climb.”
In 2017 as part of a test, DHS experts deliberately hacked a Boeing 757 remotely in just two days without the pilots’ knowledge. The team was able to access and gain control of the plane’s systems using radio frequency communications.
Last year, leaked DHS documents stated the agency feared that it was “only a matter of time” before a commercial plane was hacked and caused a “catastrophic disaster.” Even more frightening, the documents also showed how most planes in use today still don’t have enough cyberattack protections.