Joke tweet sparks debate over airline computer security
When it comes to security, airlines have never been known for their sense of humor.
That became particularly apparent this month to a cybersecurity expert who joked during a flight about hacking into a commercial airplane’s avionics computers through its wireless Internet system.
It prompted a quick response from airlines, plane manufacturers and onboard Wi-Fi makers who insist that it cannot be done. Security experts say nothing is impossible.
The debate erupted after cybersecurity expert Chris Roberts, founder of One World Lab in Denver, sent a tweet while he was a passenger on a United Airlines flight, suggesting he could hack into the airline’s onboard system to trigger the oxygen masks to drop.
When he landed in Syracuse, N.Y., FBI agents were waiting to question him and confiscate his electronic devices, according to a statement from Roberts’ attorneys.
United Airlines, too, was not amused and banned Roberts from flying on the carrier.
Roberts’ tweet came a day after the U.S. Government Accountability Office released a report saying modern planes are increasingly connected to the Internet, opening the risk that hackers could access the aircraft’s avionics system. The GAO recommended more cooperation among federal agencies to study the threat.
United Airlines released a statement about Roberts, saying, “We are confident our flight control systems could not be accessed through techniques he described.”
Global Eagle Entertainment, a Los Angeles-based company that provides onboard Wi-Fi, entertainment and technology for 150 airlines worldwide, said it is not possible to hack into the airline’s avionics system through its Wi-Fi because the two systems do not share any wiring or routers.
Airline manufacturers Boeing Co. and Airbus both issued statements downplaying any hacking vulnerability.
Still, the FBI and the Transportation Security Administration posted a notice to the nation’s airlines, warning them to be on the lookout for any “suspicious activity involving travelers connecting unknown cables or wires to the [in-flight entertainment] system or unusual parts of the airplane seat.”
The notice was first published by Wired Magazine.
The FBI declined to elaborate, saying only that the agency “routinely provides information to private industry in order to help partner entities remain aware of observed or reported threats.”
To read more about travel, tourism and the airline industry, follow me on Twitter at @hugomartin.