Preventing a Plane Cyber Attack

Wednesday, November 5, 2014 @ 04:11 PM gHale


While unlikely, there are multiple avenues to compromise aircraft systems and because of that remote possibility, researchers are developing a network architecture that would prevent cyber attacks.

A cyber attack that could affect the plane would be difficult to execute and would require an inside individual that has sufficient access to the aircraft’s systems or the network it connects to, said David Stupples, professor at the City University in London.

RELATED STORIES
Bypassing an Air Gap via Radio
Cyber Security Center Starting to Roll
NIST’S Security Center of Excellence
NIST: How to Secure Printers, Copiers

Stupples said a disgruntled employee could spread the threat when the plane connects to a data port in order to update the entertainment systems. Moreover, the attack could then end up conducted via direct access to the aircraft’s systems.

The compromise mission can start with reconnaissance software and evolve to malware that impacts on the systems of the plane, he said in a published report.

However, as simple as this may sound in theory, carrying out this type of mission is more difficult in reality. The knowledge an attacker needs expands to the network architecture of the flight system and should be able to move the malware from one control system to another without detection. This is not something many individuals have access to.

Knowing all that, researchers started to work on a network infrastructure that would foil malicious attempts.

Together with researchers at Cranfieled University, Stupples is working on a system capable of identifying malware immediately after it reaches the network of the aircraft.

Once the systems identifies the threat trying to infiltrate the flight control software, the network turns off any non-essential components in order to limit access to critical parts. Basically, the end goal is to enact a known safe state of the network.

A similar approach could work in the case of critical infrastructure, such as power stations or water plants.

The car industry faces a similar threat, but in this case, it appears that security is more evolved, as experts have already come up with a device that would detect abnormal activity and take measures to turn off the network and the higher level functions.

Along those lines a $150 intrusion detection system could end up placed under the car’s dashboard and monitor for malicious activity.

In detection mode it can identify irregular commands and block them. The device’s creators showed the technology at the Black Hat USA security conference this year.



Leave a Reply

You must be logged in to post a comment.