Speculation surrounding the cause of the disappearance of Malaysia Airlines Flight 370 hasn't included the possibility of a cyber-attack, until now. A cybersecurity expert contends hacking an airliner is feasible.
See Also: Data Center Security Study - The Results
"Bottom line: It's not only conceivable, but Boeing itself has warned about it," Carl Herberger, vice president of security solutions at network security solutions provider Radware, writes in a blog posted March 18.
Shouldn't modern day commercial aircrafts be tested for cybersecurity vulnerabilities prior to granting airworthiness certificates?
To be clear, Herberger doesn't claim that a hack of the Malaysia Airlines Boeing 777-200's information systems caused the jetliner to alter its flight and vanish from air traffic controllers' radar screens. But the former Air Force aviator who served as an electronic warfare officer on B-52 bombers and holds an engineering degree in aeronautics maintains that an airliner is hackable.
And, he says, that vulnerability is documented in a type of Federal Aviation Administration rule known as special conditions issued late last year and published in the Federal Register regarding Boeing 777-200, 300 and 300ER models.
The FAA detailed special conditions of the Boeing 777-200 model of airliner, the type of aircraft that disappeared on a flight from Kuala Lumpur to Beijing on March 8. According to the FAA, the integrated network configurations in those Boeing jetliners could enable increased connectivity with external network sources through interconnected networks and systems, such as passenger entertainment and information services. Those links didn't exist in previous airplane models. And the new condition creates significant weaknesses. Here's how the FAA's Jeffrey Duven, in justifying the special conditions, puts it:
"This may enable the exploitation of network security vulnerabilities and increased risks potentially resulting in unsafe conditions for the airplanes and occupants. This potential exploitation of security vulnerabilities may result in intentional or unintentional destruction, disruption, degradation, or exploitation of data and systems critical to the safety and maintenance of the airplane. The existing regulations and guidance material did not anticipate these types of system architectures."
Preventing Inadvertent and Malicious Actions
The new special conditions require Boeing to assure that the design of 777s IT systems prevent access by unauthorized sources internal to the airplane. The design must prevent inadvertent and malicious changes to, and all adverse impacts upon, airplane equipment, systems, networks or other assets required for safe flight and operations.
Think about it as the Internet of Things in the Sky.
As we ponder other threats posed by the Internet of Things, and actions that can be taken to mitigate them, Herberger says vetting an airplane systems' vulnerabilities to attacks should be contemplated. "Simply stated," he writes, "the threat to an aircraft from a cyber-attack has not been made part of the requirements for the airworthiness of modern day airliners. ... Shouldn't modern day commercial aircrafts be tested for cybersecurity vulnerabilities prior to granting airworthiness certificates?"
And it's not just someone hacking into a system. Herberger says the supply chain could introduce vulnerabilities. "We don't pay enough homage to the availability-based risk," Herberger told me in a telephone conversation. "We don't think the availability to knock off a system leads to a life-threatening situation.
"I'm familiar with a lot of manufacturers, sub-manufacturers and suppliers, and with a casual look you can find that these manufacturers' own systems have vulnerability in them. As we get more and more automated, it's not too far of a leap to believe that someone is going to figure out how to infiltrate and take advantage of them."
As I ruminate about what Herberger says, I wonder if manufacturers of all types of wares that could be breached should account for the trustworthiness of their cyber-components as part of the process that certifies other aspects of the product, such as the nuts and bolts that hold together the fuselage or the depth of the tread on a tire.
"Security professionals have long understood the threat that embedded systems create for modern day critical infrastructure," Herberger writes. "We need to test and protect these systems and it's high time to drive these processes into modern day transportation (and I'll add other sectors) vendors to ensure public safety."