Sunday, 14 April 2013

You Can Hijack Airplane With An Android App!

If you thought hijacking airplanes was an uphill task, think again! If you so wish to do it, there's an app for it, that makes the task easier than you expect. All you need is an Android smartphone and get the app dowloaded and make the most of the airplane computer systems.

Hugo Teso, an IT expert and trained commercial pilot revealed the details of the app while talking at the Hack In The Box Conference in Amsterdam. Teso has an extensive knowledge and experience in both fields. He revealed that the modern day air planes are susceptible to malicious attacks, which all the hackers to take 'complete control' of aircrafts with their mobile device.
Android, Android app, App for hijacking airplane, Airplane technology, Android smartphone

Teso has developed a software that is capable of getting installed on the on-board computer (SIMON). He has also developed an Android app along with it that allows hackers to have control on various aspects of the plane (PlaneSploit).

Teso took advantage of two airplane security technologies including the Automatic Dependent Surveillance-Broadcast (ADS-B) and the Aircraft Communication Addressing and Reporting System (ACARS). Both the technologies are “highly susceptible to a number of passive and active attacks.” According to Net Security, here's what these technologies are responsible for:

The Automatic Dependent Surveillance-Broadcast (ADS-B) is responsible for sending information about each aircraft (including identification, current position, altitude, and so on) via an on-board transmitter to air traffic controllers. ADB-S allows aircrafts to receive flight, weather and traffic information about other aircrafts in their vicinity while flying.

The other technology called the Aircraft Communications Addressing and Reporting System (ACARS) is used to exchange messages between aircrafts and air traffic controllers via radio or satellite. It also allows automatic delivery of information about each flight phase to the latter.

SIMON framework works in a virtual environment, which is created with software and hardware products to simulate real life scenarios. It is apparently untraceable after it is deployed and enables the hacker to upload other software to the “Flight Management System [FMS] (computer unit + control display unit)” on a plane. Hacker can then control the aircraft remotely with help of the Android app.

After SIMON is installed in FMS, it is PlaneSploit that does the job. The app comes with a clean and simple interface. The steps that you have to follow include:

Please go here: It takes the user to choose locations on the map and change the route of the flight.

Define area: It sets detailed filters related to the airplane.

Visit ground: Crash the airplane.

Kiss off: Remove itself from the system.

Be punckish: It alerts the pilots that something is seriously wrong. Alarms start buzzing and lights start flashing.