Planes could be cyber-jacked through on-board Wi-Fi: US govt watchdog
Cockpit systems inadequately firewalled from passenger cabin, warns GAO
On-board Wi-Fi on commercial flights could be used to interfere with cockpit operations and even crash planes, The Guardian reported, citing the US Government Accountability Office.
The GAO suggested that a malicious actor could take control of aircraft systems by tunnelling from passenger Wi-Fi to critical infrastructure.
"Modern aircraft are increasingly connected to the Internet," the watchdog said in a statement. "This interconnectedness can potentially provide unauthorised remote access to aircraft avionics systems."
The US Federal Aviation Administration and airlines have been working to modernise planes and flight tracking with Internet-based technology. It is this interconnectivity that the GAO is concerned about. Its report notes that cockpit systems are tied, albeit indirectly, to the passenger cabin, through shared networks. While critical systems are heavily firewalled, the GAO cited expert security consultants who said the system was hackable.
"Four cybersecurity experts with whom we spoke discussed firewall vulnerabilities, and all four said that because firewalls are software components, they could be hacked like any other software and circumvented," the report said.
"According to [the experts], Internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors."
While acknowledging FAA action taken on cybersecurity policies, the report insists "opportunity exists for further action.
Last March, in a separate report, the GAO raised concerns over the FAA's aircraft guidance system, which the office believed was at "increased and unnecessary risk" of being hacked.