Boeing 757 Airplanes are Vulnerable to Hacking, DHS Says

0 9

At CyberSat Summit in Tysons Corner, Virginia 2017 U.S. Department of Homeland Security (DHS) official said on Wednesday any commercial aircrafts are vulnerable to hacking as team of government, industry and academic officials successfully demonstrated by remotely hacking in non-laboratory setting.

Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology (S&T) Directorate said “We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration.”

 “[This] means I didn’t have anybody touching the airplane, I didn’t have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.” Hickey said the details of the hack and the work his team are doing are classified, but said they accessed the aircraft’s systems through radio frequency communications, adding that, based on the RF configuration of most aircraft, “you can come to grips pretty quickly where we went” on the aircraft.

The aircraft that DHS is using for its tests is a legacy Boeing 757 commercial plane purchased by the S&T branch. Mark Rosenker, the former chair of the National Transportation Safety Board said “The 757 hasn’t been in production since 2004, but the aging workhorse is still flown by major airlines like United, Delta and American.”  USA President Trump’s and Vice President Pence often use 757 including pence recent trip to Texas.

In a statement, Boeing said, “We firmly believe that the test did not identify any cyber vulnerabilities in the 757, or any other Boeing aircraft.”

An official briefed on the testing does not believe it revealed an “extreme vulnerability” to airliners, since it required a very specific approach in a very specific way on an older aircraft with an older system.

The official adds, it was good information to have, “but I’m not afraid to fly.”

In 2015, a security researcher claimed to have hacked into a passenger aircraft through its in-flight entertainment system while he was travelling aboard the plane. However, there is no evidence he accessed flight control systems.


Jahnavi M

Vulnerability analyst, Technical Writer, Security Blogger, Co-founder—SecKurity

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: