Security breach: Remotely hacking into aircraft FMS

I do not consider myself someone who alarms himself easily, nor someone who likes to alarm others. However, recently, I came across a presentation, which was also was reported on some websites, about someone, Hugo Teso, who reported having managed to remotely hack into the FMS system of an aircraft by using ACARS. This report was done during a security conference in Amsterdam earlier this year.

He reported he managed to hack into a replica of a Flight Management System (FMS) in a simulator and cause the aircraft to crash. If this is the case, the implications may be great and security upgrades should be implemented fast on the vulnerable systems. In the presentation it says that he used two vulnerable systems which are in wide use: he used ADS-B to find an aircraft, as the ADS-B gives information about the aircraft's 4d position (time, lat, long & altitude), then through ACARS he contacts the aircraft and tries to hack into the FMS (as ACARS has a connection to uplink information to the FMS, so the connection exists).

Once into the FMS he was able to manipulate it.

Well for me this is very worrying, much more worrying than bringing liquids which have not been verified on-board.

The only comfort is that the report is proactive (it is done before something has really happened) and that it concludes with a note that work is being done by EASA to solve the security vulnerabilities.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)

What is 3 + 4 ?
Please leave these two fields as-is: