Home News Airplane cybersecurity under the radar of DHS

Airplane cybersecurity under the radar of DHS

Bangkok Airways

Researchers of the United States government have come to believe that a cybersecurity event in the sky is imminent. Documents obtained by news site Motherboard suggest that according to researchers it is “only a matter of time” that an incident where an airplane is hacked occurs.

The news may come in light of the event where the Department of Homeland Security (DHS) had successfully hacked a Boeing 737 to highlight the vulnerabilities in several commercial aircraft. “We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration,” said Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology (S&T) Directorate while delivering a keynote address at a recent summit. “[Which] means I didn’t have anybody touching the airplane, I didn’t have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.”

A section of a presentation from the Pacific Northwest National Laboratory (PNNL), a Department of Energy government research laboratory, read, “Potential of catastrophic disaster is inherently greater in an airborne vehicle.”

The documents obtained by the news site also suggest that the DHS may have already conducted another test against an aircraft and suggested that how aircraft still use little to no cybersecurity protection. “Today’s commercial aviation backbone is built upon a network of trust; most commercial aircraft currently in use have little to no cyber protections in place,” it said.
The documents suggest that DHS team are moving from penetration testing to mitigation development. John Hultquist, director of intelligence analysis at cybersecurity firm FireEye, in an earlier tweet wrote, “ The actors who shut off the lights twice in Ukraine and caused over a billion dollars in economic damage with NotPetya have probed airports,” while pinning at a Russian hacker group.