IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Aeroplane Wi-Fi vulnerable to hacks, FAA report reveals

The research by the US Government Accountability Office warned IP networks leave flights open to cyber attacks

Plane

The US Government Accountability Office (GAO) has conducted a report into the Federal Aviation Administration (FAA)'s cyber security, finding that airline Wi-Fi could be vulnerable to hacks.

Four cybersecurity experts were consulted to put the report together and they said the firewall could be hacked like any other software and circumvented to put both passengers and the wider internet at risk.

The report explained that IP networking may allow a hacker to gain remote access to the aeroplane's systems - both those used by passengers and staff to access Wi-Fi and those using the internet in general.

This first threat would only affect people using the specific network, but could have devastating results if a hacker is able to use the network to break into the cockpit avionic systems.

"The presence of personal smartphones and tablets in the cockpit increases the risk of a system's being compromised by trusted insiders, both malicious and non-malicious, if these devices have the capability to transmit information to aircraft avionics systems," the report said.

The second threat is that anyone from the outside world could potentially attack the systems too, and inject malware onto devices. The outsiders could then attack the whole aircraft remotely.

"One cybersecurity expert noted that a virus or malware planted in websites visited by passengers could provide an opportunity for a malicious attacker to access the IP-connected onboard information system through their infected machines," the research revealed.

The GAO said: "As part of the aircraft certification process, FAA's Office of Safety (AVS) currently certifies new interconnected systems through rules for specific aircraft and has started reviewing rules for certifying the cybersecurity of all new aircraft systems."

Featured Resources

Accelerating healthcare transformation through patient-centred medtech solutions

Seize the digital transformation opportunities to streamline patient care and optimise patient outcomes

Free Download

Big payoffs from big bets in AI-powered automation

Automation disruptors realise 1.5 x higher revenue growth

Free Download

Hyperscaler cloud service providers top ten

Why it's important for companies to consider hyperscaler cloud service providers, and why they matter

Free Download

Strategic app modernisation drives digital transformation

Address business needs both now and in the future

Free Download

Recommended

'CryWiper' trojan disguises as ransomware, says Kaspersky
malware

'CryWiper' trojan disguises as ransomware, says Kaspersky

2 Dec 2022
Hyundai vulnerability allowed remote hacking of locks, engine
Security

Hyundai vulnerability allowed remote hacking of locks, engine

30 Nov 2022
Revealed: The top 200 most common passwords of 2022
cyber security

Revealed: The top 200 most common passwords of 2022

17 Nov 2022
Ransomware activity down 11% worldwide in Q3, but rise expected
ransomware

Ransomware activity down 11% worldwide in Q3, but rise expected

20 Oct 2022

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Salesforce co-CEO Bret Taylor resigns with cryptic parting message
Business operations

Salesforce co-CEO Bret Taylor resigns with cryptic parting message

1 Dec 2022
Netherlands urges citizens to prepare survival kits in case hackers target critical infrastructure
cyber attacks

Netherlands urges citizens to prepare survival kits in case hackers target critical infrastructure

2 Dec 2022