Following concerns about the plausibility and dangers of passengers hacking airplane Wi-Fi networks, the FBI and TSA have issued a joint alert warning airlines to be increasingly vigilant about monitoring for such attacks.
The warning, issued as a private industry notification and first reported by Wired, is a response to last week’s news about Chris Roberts being stopped and questioned after he tweeted about hacking the Wi-Fi network aboard a United Airlines flight. “Although the media claims remain theoretical and unproven,” the authorities warn, “the media publicity associated with these statements may encourage actors to use the described intrusion methods.”
The FBI and TSA do point out that they have no evidence of hackers being able to successfully gain access to an airplane’s vital systems via Wi-Fi or In Flight Entertainment networks. But that doesn’t stop them suggesting how flight crews should respond to suspicious activities:
- Report any suspicious activity involving travelers connecting unknown cables or wires to the IFE system or unusual parts of the airplane seat.
- Report any evidence of suspicious behavior following a flight, such as
IFE systems that show evidence of tampering or the forced removal of
covers to network connection ports.
- Report any evidence of suspicious behavior concerning aviation wireless signals, including social media messages with threatening references to Onboard Network Systems, ADS-B, ACARS, and Air Traffic Control networks.
- Review network logs from aircraft to ensure any suspicious activity, such as network scanning or intrusion attempts, is captured for further analysis.
The issue is clearly a big concern that the authorities have yet to respond to with absolute clarity. Stopping and questioning security researchers is perhaps less useful than working out how to prevent real hacks from taking place, after all. But we know one thing: we hope all this fuss doesn’t affect the ongoing relaxation of electronic device use one planes. [Wired]
Image by Geoffrey Gallaway under Creative Commons license