20 minutes ago
European Aviation Safety Agency (AESE) informed about the possibility of carrying out cyber attack on the plane by a system of “Aircraft Communications Addressing and Reporting System ‘(ACARS), used to transmit text messages between aircraft and ground stations (eg. airports). Comment on the matter gave Andrei Nikishin, head of the department responsible for new technology at Kaspersky Lab.
Employed by the said agency expert was able cheat the system “Aircraft Communications Addressing and Reporting System ‘(ACARS) and used by him loophole in the system was first reported by Hugo Teso in 2013., at a conference Hack In The Box dedicated to IT security.
A weakness of the ACARS system is the lack of verification of data packets transmitted from ground stations to aircraft. For this reason, it is possible to deceive this mechanism by inserting a new data packet between the information sent to the aircraft. Theoretically, therefore, a potential attacker can influence the decision of the pilot to change course, sending the plane, eg. A false message about the impending storm. A similar mechanism could be used to trick a GPS system that misinterpreted the location of the aircraft – warned Nikishin.
The ACARS system uses its own coding and decoding, which is used since 1978. It should be noted that in those days, aviation systems were not designed with cyberbezpieczeństwie. ACARS is therefore obsolete and we believe that the aircraft manufacturers should as soon as possible to introduce his successor, taking into account the latest trends in IT security – said the analyst.
No comments:
Post a Comment