Researcher Hacks United Airlines Flight

Published On May 19, 2015 | By Tom Huskerson | News and Analysis


united_continental_logo_detWould you feel safe if you knew that it’s possible to take control of an airliner with laptop computer or maybe just a smartphone app? That maybe exactly what has happened.

According to reports a security researcher was able to commandeer a United Airlines flight control system during a scheduled flight. A warrant application was filed last month for Chris Roberts a security researcher who was was banned from all United Airlines flights after tweeting a joke about exploiting flight control vulnerabilities while on a plane. Upon landing in Syracuse, New York, FBI agents escorted Roberts off the flight and confiscated his MacBook Pro and several thumb drives. FBI officials told Roberts a warrant to search the devices was pending, and filed a warrant application two days later.

This is not the first time Roberts has tampered with a plane in flight. He met with FBI officials in February of this year to discuss vulnerabilities with In Flight Entertainment (IFE) systems. Roberts told agents he was able to exploit vulnerabilities in the IFE systems 15 to 20 times from 2011 to 2014.  According to Roberts its possible to gain physical access to the IFE system through the Seat Electronic Box (SEB) located under seats containing video monitors, according to the FBI affidavit. Roberts was able to connect his laptop to the IFE system, allowing him to overwrite code on the aircraft’s Thrust Management Computer and issue flight commands from his seat.

According to the warrant application Roberts issued the “CLB” or climb command during an actual flight with real passengers. The command caused one of the engines to climb “resulting in a lateral or sideways movement” of the aircraft. Roberts denied the allegations telling Wired magazine that although he was capable of hacking into the IFE system, he never actually commandeered the flight. Roberts claimed he caused a plane to climb during flight, but only during a simulated test. On Twitter, Roberts claims much of the affidavit takes things he said out of context.

FBI agents conducted a search of the plane after the flight discovering SEBs under two of the aircraft’s seats which “showed signs of tampering.” Roberts denied tampering with the equipment saying “Nope I did not. That I’m happy to say and I’ll stand from the top of the tallest tower and yell that one.”

“We believe that Roberts had the ability and the willingness to use the equipment with him to access or attempt to access the IFE and possibly the flight control systems on any aircraft equipped with an IFE system, and that it would endanger public safety,” the affidavit reads.

Aircraft manufacturer Boeing said its entertainment systems are “isolated from flight and navigation systems.”

The company  declined to discuss its planes’ design features for security reasons saying; “It is worth noting that Boeing airplanes have more than one navigational system available to pilots. No changes to the flight plans loaded into the airplane systems can take place without pilot review and approval. In addition, other systems, multiple security measures, and flight deck operating procedures help ensure safe and secure airplane operations.”

Airbus has not addressed the incident but has stated before it has security measures, such as firewalls, that restrict access and the company “constantly assesses and revisits the system architecture” to make sure planes are safe.

Roberts is the co-founder of One World Labs which has lost investors as a result of the incident.   Roberts has not yet been charged with a crime.

Breaking it Down

This sh*t ain’t funny no more. What this man did, and has admitted to, is pure terrorism. He admitted to tampering with aircraft 15-20 times between 2011 and 2015. But is still walking around free. Why? Let me say this;  his actions could have had unforeseen consequences such as the destruction of an aircraft in flight. This man has only three possible reasons for tampering with an aircraft in flight. First he intended to do some harm which I pray I am wrong. Or second he was trying to show the airlines that they are vulnerable to this form of attack which is a good thing done the wrong way. Or third he is seeking publicity for his start up company. The common thread to all of these reasons is that all should land him in prison. Keep in mind that Malaysian Airline Flight 370 is still missing.

 

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle.com. Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.