Was Flight MH370 the result of Cyber Hijacking?

Was Flight MH370 the result of Cyber Hijacking?

Henry Dalziel | Latest InfoSec News | March 31, 2014

Was MH370 brought down by a Cyber Hijack?

The safety record of the Boeing 777-200ER, (especially the generation that Malaysia Airlines Flight 370 was, is, superb).

Although mechanical failure is not completely unusual, what is surprising is how very little wreckage (if any) has been found. The number of possibilities that can go wrong with a plane are in the hundreds, but some can be instantly discounted and what might be gaining gradual acceptance as a possible reason for bringing down flight MH370 is Cyber Hijacking.

Although Cyber Hijacking might still be relatively low on the list for what ‘made the plane crash’, we at Concise Courses are slightly more convinced than the average person. Why? Because we had Winn Schwartau & Renderman present: The Sky is Falling: Hacking the Air Traffic Corridors” on Hacker Hotshots last year (November 2013) and the technology and vulnerabilities within commercial aviation were exposed to us and in pretty scary way.

Key to the concept of Cyber Hijacking is the fact that the tracking devices were turned off – could that have been done with code? To us that alone suggests with almost 100% certainty that there was foul (human) play at hand – and that that foul play might have been written with malicious code.

Using an Android Device (and an app) a hacker has illustrated that it might just be possible to hijack and take over a plan. The security researcher, Hugo Teso, created software that could, in theory, affect flight hardware. This claim, made in 2013, was countered by the FAA.

“A hacker cannot obtain ‘full control of an aircraft’ as the technology consultant has claimed,”
Laura J. Brown, FAA deputy assistant administrator for public affairs.

However, a short while after the above statement was given we note that Renderman, a co-cyber hacking aviation expert along with Hugh Teso, gave a presentation at the Infiltrate security hacker conference in Miami, that illustrated how the next-generation software being built is also flawed.

Renderman, who works for a small company in Canada by day and is a hacker by night, told us that the existing Air Traffic Control Systems have the following attributes (and vulnerabilities):

  • Air Traffic Control has not changed much since the 1970′s
  • Primary radar provides range and bearing, and no elevation
  • Transponder system (SSR) queries the plane, plane responds with a 4-digit identifier + elevation
  • ID number attached to flight on radar scope, great deal of manual communication and work required
  • Transponder ID used to communicate situations i.e. emergencies, hijacking, etc
  • Transponder provides a higher power return than primary radar reflection, longer range
  • Only interrogated every 6-12 seconds, low resolution of altitude
  • Pilots get no benefit (traffic, etc)
  • Requires large separation of planes (~80miles) which limits traffic throughput in busy areas

In Summary
RenderMan, is a celebrity in hacker circles and we were delighted to have him present on Hacker Hotshots. His presentation was terrifyingly titled “Attacking the Next Generation Air Traffic Control System” and we really encourage you to watch it.

Just as much as a dedicated and motivated hacker can hack air traffic control ‘passenger-side’, so they can surely also hack into flight hardware once ‘air-side’.

Dr Sally Leivesley, a former UK Home Office official, told major news channels this week that [flight MH370]: ‘..might well be the world’s first cyber hijack’ The logic behind this is that there appears to be an element of planning and vulnerability assessment from someone with a very sophisticated systems engineering understanding.

What do you guys think? We’d especially like to hear from anyone with aviation experience!

  • Dr. Phil

    There are many reasons why this would never work. Hopefully I will get the opportunity to discuss some of these reasons and talk about how some of these systems really work at DEFCON 22.

    As a pilot, flight instructor, airplane mechanic, avionics tech, aviation professor, and plane builder who has actually worked on some of these avionics systems, I’m in a unique position to really discuss this topic.

Leave a comment or reply below...thanks!