The FBI says a security researcher — who was kicked off a United Airlines flight after tweeting about onboard security vulnerabilities — hacked into an airplane's computer and made it change course while he was on the flight.
According to a warrant application
filed by FBI Special Agent Mark Hurley, the researcher, Chris Roberts of One World Labs, had talked about hacking in through the plane's in-flight entertainment system to rewrite code for the plane's Thrust Management Computer, reports Wired.com
"He stated that he thereby caused one of the airplane engines to climb, resulting in a lateral or sideways movement of the plane during one of these flights," Hurley said in the application. "He also stated that he used Vortex software after comprising/exploiting or 'hacking' the airplane's networks. He used the software to monitor traffic from the cockpit system.”
The application was filed last month after Roberts was pulled from a United Airlines flight
after tweeting that he might hack into the plane's network while it was enroute from Chicago to New York.
When the plane landed in Syracuse, FBI agents and local police took him from the plane and seized two laptop computers, hard drives, and USB sticks.
Wired said Roberts had told their site that he caused a plane to climb in a simulated test, and that he was able hack into in-flight networks, but did not interfere with a plane's operation while in flight.
The FBI, though, said he told the agents that he was able to take control of one of the planes and caused it to fly to the side, changing its course.
He said he was able to access the network through a Seat Electronic Box, which is installed under passenger seats on certain planes. Roberts said after he removed the box' covers, he would connect his laptop to the box with ethernet cable to get access to the planes' entertainment systems, which gave him access to other computer systems on the planes.
Roberts said he had found that three types of Boeing aircraft and one Airbus model were vulnerable. He hacked into in-flight entertainment systems made by Thales and Panasonic, he told agents.
“You cannot promote the (true) idea that security research benefits humanity while defending research that endangered hundreds of innocents," Alex Stamos, chief information security officer of Yahoo, wrote in a tweet.
Roberts said he is concerned that his conversations with the FBI have gone public, and that some of the warrant documentation took what he said out of context.
"That paragraph that’s in there is one paragraph out of a lot of discussions, so there is context that is obviously missing which obviously I can't say anything about," he told Wired. "It would appear from what I've seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others."
Roberts has been investigating aviation security for some time. He has been giving presentations for years, including one in Las Vegas in 2010 and another two years later, and has spoken with airplane manufacturers about the problems in their systems.
He told Wired that the FBI in Denver requested a meeting in February and discussed his research, wanting to know what was possible and what he and a colleague had done. He said they had gotten into data traffic on more than a dozen flights, and last month told Wired "we were within the fuel balancing system and the thrust control system. We watched the packets and data going across the network to see where it was going.”
However, Roberts and his partner said it would take many hacks to sabotage an avionics system, but in simulations, they were able to cause engine controls to go from cruise to climb, "which definitely had the desired effect on the system—the plane sped up and the nose of the airplane went up.”
Roberts is refusing comment about the allegations that he hacked into a plane's systems while it was in flight.
He says the tweet that led to the warrant was meant as a joke and reference at his efforts for years to get airliners like Boeing and Airbus to pay attention to security issues.
The FBI said it found that the SEB connectors under seats were Roberts was sitting while flying from Denver to Chicago, where he boarded the United Airlines flight to New York, showed signs of tampering, but Roberts denied compromising that network.
He did, however, admit to having USB thumb drives that contained malware to compromise networks, and on his laptop had schematics for the wiring systems of several types of airplanes. He said such items are standard for a security researcher.
He also questions the FBI's claims that the boxes showed signs of tampering, as many are often broken and cracked because they are not replaced often.
His company has gotten some fallout from the incident, including investors pulling their money out.
Boeing, in a statement to CNN
, said its entertainment systems are "isolated from flight and navigation systems," casting further doubt on the hacking claims.
"It is worth noting that Boeing airplanes have more than one navigational system available to pilots," the company said. "No changes to the flight plans loaded into the airplane systems can take place without pilot review and approval. In addition, other systems, multiple security measures, and flight deck operating procedures help ensure safe and secure airplane operations."
Airbus did not comment on the latest news, but in other statements has noted that security measures such as firewalls restrict access to plane computers, and that it "constantly assesses and revisits the system architecture" to keep its planes safe from hackers.
© 2021 Newsmax. All rights reserved.