This Guy Hacked Hundreds Of Planes From The Ground
The weaknesses in satcom kit also allowed Santamarta to spy on cargo ships and uncover supposedly hidden military bases
August 9, 2018 - by Thomas Fox-Brewster Cybersecurity for Forbes
Throughout November and December last year, Ruben Santamarta sat in front of his computer peeking inside the technical bowels of hundreds of aircraft flying thousands of meters above him.
That included commercial aircraft operated by some of the biggest airlines in the world. He believes it may've been the first time anyone had hacked planes from the ground by taking advantage of weaknesses in satellite equipment.
The cybersecrity researcher could, if he'd been so inclined to break the law, have hacked those onboard systems, snooped on the onboard Wi-Fi and carried out surveillance on all connected passenger devices.
Fortunately, the safety systems on the planes were not at risk, thanks to the ways in which modern aircraft segment networks.
Santamarta, a researcher at cybersecurity company IOActive, was able to spy on all those planes due to vulnerabilities in satellite communications equipment, such as antennas sending data up to aircraft and the modems within.
All could be exploited remotely, without needing physical access to the hardware. In his words, Santamarta found various ways to turn satellite communications kit into "radio frequency weapons."
He isn't saying just what equipment until he details his attacks in full at the Black Hat conference in Las Vegas on Thursday. (Forbes is aware of the affected technology and will update this article once Santamarta has given his talk.) Relevant airlines, satellite communications vendors and government agencies were contacted about the vulnerabilities, IOActive said. Most have fixed the problems uncovered by Santamarta. Some remain vulnerable.