Aeroplane Wi-Fi vulnerable to hacks, FAA report reveals
The research by the US Government Accountability Office warned IP networks leave flights open to cyber attacks
The US Government Accountability Office (GAO) has conducted a report into the Federal Aviation Administration (FAA)'s cyber security, finding that airline Wi-Fi could be vulnerable to hacks.
Four cybersecurity experts were consulted to put the report together and they said the firewall could be hacked like any other software and circumvented to put both passengers and the wider internet at risk.
The report explained that IP networking may allow a hacker to gain remote access to the aeroplane's systems - both those used by passengers and staff to access Wi-Fi and those using the internet in general.
This first threat would only affect people using the specific network, but could have devastating results if a hacker is able to use the network to break into the cockpit avionic systems.
"The presence of personal smartphones and tablets in the cockpit increases the risk of a system's being compromised by trusted insiders, both malicious and non-malicious, if these devices have the capability to transmit information to aircraft avionics systems," the report said.
The second threat is that anyone from the outside world could potentially attack the systems too, and inject malware onto devices. The outsiders could then attack the whole aircraft remotely.
"One cybersecurity expert noted that a virus or malware planted in websites visited by passengers could provide an opportunity for a malicious attacker to access the IP-connected onboard information system through their infected machines," the research revealed.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
The GAO said: "As part of the aircraft certification process, FAA's Office of Safety (AVS) currently certifies new interconnected systems through rules for specific aircraft and has started reviewing rules for certifying the cybersecurity of all new aircraft systems."
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.
AI tools are growing in popularity at enterprises, but not all of them are approved by employers – and that’s a serious problem for IT and security leaders
Kyndryl and Nokia extend partnership to drive data center networking gains
“It’s almost like moving from one aircraft carrier to another”: Inside National Trust’s sweeping digital transformation