Monday, October 12, 2015

Aircraft threatened cyberattack – Interia

20 minutes ago

European Aviation Safety Agency (AESE) informed about the possibility of carrying out cyber attack on the plane by a system of “Aircraft Communications Addressing and Reporting System ‘(ACARS), used to transmit text messages between aircraft and ground stations (eg. airports). Comment on the matter gave Andrei Nikishin, head of the department responsible for new technology at Kaspersky Lab.

A weakness of the ACARS system is the lack of verification of data packets transmitted from ground stations to aircraft. This may help cyber attack

/ © 123RF / Picsel

Kaspersky Lab experts tracking the activity of the group Winnti discovered threat based on malicious code from 2006., which embeds itself in the boot sector drive. This is a dangerous tool called “HDRoot” is a universal platform for continuous and long-term presence in the victim’s … read more

Employed by the said agency expert was able cheat the system “Aircraft Communications Addressing and Reporting System ‘(ACARS) and used by him loophole in the system was first reported by Hugo Teso in 2013., at a conference Hack In The Box dedicated to IT security.

A weakness of the ACARS system is the lack of verification of data packets transmitted from ground stations to aircraft. For this reason, it is possible to deceive this mechanism by inserting a new data packet between the information sent to the aircraft. Theoretically, therefore, a potential attacker can influence the decision of the pilot to change course, sending the plane, eg. A false message about the impending storm. A similar mechanism could be used to trick a GPS system that misinterpreted the location of the aircraft – warned Nikishin.

The ACARS system uses its own coding and decoding, which is used since 1978. It should be noted that in those days, aviation systems were not designed with cyberbezpieczeństwie. ACARS is therefore obsolete and we believe that the aircraft manufacturers should as soon as possible to introduce his successor, taking into account the latest trends in IT security – said the analyst.

Article from category: Internet

LikeTweet

No comments:

Post a Comment