Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » Security » Planes can be remotely controlled by hackers

Planes can be remotely controlled by hackers

by Chris Stokel-Walker
14 May 2020
in Security
0
Hacker at desktop
0
SHARES

Almost all of the world’s planes are currently grounded, but getting them back up into the air will require more than the easing of lockdown restrictions worldwide. New research by threat researchers Pen Test Partners uncovers a worrying flaw in the collision detection systems that control aircraft while they’re mid-flight.

According to the researchers, nefarious hackers could force aircraft to move against their own will by spoofing the plane’s Traffic Alert & Collision Avoidance System (TCAS), which ensures it doesn’t come into contact with other airborne craft during a flight. The TCAS system uses transponders to scan the horizon for other planes, and communicates data between them – making sure to change course if it forecasts that it could collide with another plane.

But it’s easy to spoof the system and create a fake TCAS contact, pumping out information that claims a plane is flying in the path of an aircraft, causing the real plane to have to take evasive action.

Spoofing aircraft is easy

The results are worrying. “We rationalised this to the point where we only needed three fake aircraft to provide [a Resolution Advisory] that caused a climb of over 3,000 ft/min,” the researchers write. 

They did so by creating signals in an aircraft simulator that indicated there were three planes flying one on top of each other in direct sight of the actual aircraft. The aircraft were presented in a wedge formation: the first fake plane was flying lowest and farthest ahead, the next one slightly above and further back, and the final one the furthest back and highest.

The wedge of fake planes emitting signals through spoofed transponders triggered the actual plane’s TCAS system, causing it to climb in order to fly above the purported problem and avoid an issue.

Potentially catastrophic consequences

But of course, the issue isn’t actually there. The fake planes don’t exist, and they’re just spoofed signals. What could actually happen is something far worse: by trying to avoid fake planes sending out signals, a real plane could end up on a collision course with another plane.

Beyond that, there are several other issues. For one thing, a jerky ascent or descent without any pilot control can be a major concern for passengers – and planes reacting like that without any reason would likely spook pilots who are being the controls.

And that’s a potential pitfall for another reason. The TCAS system provides pilots with audible, visible alerts that something is going wrong – and is deliberately intrusive in order to force pilots to take action in order to avoid catastrophe.

Creating a sense of distrust

If the TCAS system appears to malfunction, providing false positive recognition for aircraft that the pilot can see aren’t there – just as the spoof test demonstrated – then pilots are likely to distrust the system and the true positives it raises the alarm about. It’s possible for pilots to switch off TCAS from within their cockpit. If they think that the system doesn’t work, they might do that – and end up flying without any kind of warning system for mid-air collisions.

TCAS is being redeveloped, with a new generation of the system including GPS data, which the researchers say should make it harder to spoof. However, Pen Test Research aren’t so sure. “This clearly adds a layer of complexity to creating fake aircraft, but is well within the capability of any hobbyist with RF expertise,” they say. We’ll have to hope that pilots pay attention to the system – and that bad actors decide hacking planes is a step too far, even for them.

ShareTweetShareShare
Next Post
Naikon APT campaign goes undetected for five years

Naikon APT campaign goes undetected for five years

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

COMb data leak - Mother of all breaches
News

COMB: largest breach of all time leaked online with 3.2 billion records

by Bernard Meyer
12 February 2021
37

It's being called the biggest breach of all time and the mother of all breaches: COMB, or the Compilation of...

Read more
14 million Amazon and eBay accounts sold online in new leak

14 million alleged Amazon and eBay account details sold online

17 February 2021
The hype around quantum computing: it’s not too early to get in

The hype around quantum computing: it’s not too early to get in

15 February 2021
Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

15 February 2021
Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

10 February 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
  • Tools
    • Password generator
    • Personal data leak checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!