Henry Dalziel | General Hacking Posts, Hacker Hotshots | November 25, 2013
We are absolutely thrilled to have RenderMan on a Hacker Hotshots/ InfoWarCon web show today, Monday November 25th.
Winn Schwartau will be joined by RenderMan, and they will be discussing: “The Sky is Falling: Hacking the Air Traffic Corridors.” RenderMan is the hacker – when it comes to AirTraffic/ Air Control hacking.
Winn and Brad (RenderMan) will be discussing:
In researching this blog post I noticed that the last point, i.e. that the industry ignores the evidence, seems to be particularly accurate. A Fox News article mentioned that a Spanish researcher (April 2013) has created an Android App that could ‘take control of an airplane’ during a flight owing to security flaws in the FAA’s 25-year-old communications software. When asked for a quote RenderMan replied:
“The fact that you’ve got another guy coming up with the same conclusion…this is suddenly proving things.”
The FAA counter these claims but let RenderMan persuade you otherwise! As a highly respected and recognized speaker on the security conference scene, RenderMan has presented this talk several times so this will be an excellent opportunity to learn more and see what security measures are being put in place.
Legacy Air Traffic Control systems had the following attributes:
However, the FAA are rolling out a new upgrade called the ‘NextGen’ system. This system is intended to better manage the FAA to keep tabs on every plane in flight by using GPS data rather than traditional radar. This system is meant to allow for more precise tracking of planes that will allow pilots to choose more direct routes as well as replacing an antiquated system.
The NextGen architecture costs billions of dollars, and is still being implemented today – in 2013.
However, here’s the main point which RenderMan will undoubtedly discuss: the NextGen system may contain the same flaw that made it possible to hack in to Air Traffic Control – that the location data being transmitted between the airplane and the Control Tower is unencrypted and unauthenticated therefore leaving them open to potential hacker attack. Said more specifically, RenderMan’s research shows that anyone can listen to 1090Mhz and decode the transmissions from aircraft in real time and no data level authentication of data from aircraft, just simple checksums.
This is a pretty unbelievable talk if you think about it. We all would have thought that after 911 we’d be free from all types of aviation risks.
This talk forms part of our InfoWarCon series in which we have had the privilege of having some of the best and brightest security minds come on the show. Come and join us for RenderMan’s event which will be this Monday, November 25th at 1200 EST.
If you can’t make it then still hit the link above to watch the recorded version. As usual you can leave comments below or better still, ask a question during the event!