DHS Issues Hacking Security Alert as Small Planes Found Vulnerable

DHS Issues Hacking Security Alert as Small Planes Found Vulnerable to Hacking

DHS Issues Hacking Security Alert for ‘Exploitable’ Network Systems in Small Planes.

An attacker with physical access to the aircraft could attach a device to an avionics CAN bus that could be used to inject false data, resulting in incorrect readings in avionic equipment

A security alert issued by the US Department of Homeland Security (DHS) recommends plane owners restrict access to their aircraft after authorities were made aware of a system flaw present in the planes’ Controller Area Network (CAN bus) which exposes them to hacking.

The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) informed aircraft owners Tuesday to take extra precautions in restricting access to the planes until the aviation industry addresses and introduces necessary security features to protect small planes’ CAN bus network.

Hackers with physical access to small aircraft can easily hack the plane’s CAN bus system and take control of key navigation systems.

CISA Executive Summary
CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft. CISA is issuing this alert to provide early notice of the report.

An attacker with physical access to the aircraft could attach a device to an avionics CAN bus that could be used to inject false data, resulting in incorrect readings in avionic equipment. The researchers have outlined that engine telemetry readings, compass and attitude data, altitude, airspeeds, and angle of attack could all be manipulated to provide false measurements to the pilot. The researchers have further outlined that a pilot relying on instrument readings would be unable to distinguish between false and legitimate readings, which could result in loss of control of the affected aircraft.

Mitigations

CISA recommends aircraft owners restrict access to planes to the best of their abilities.

Manufacturers of aircraft should review implementation of CAN bus networks to compensate for the physical attack vector. The automotive industry has made advancements in implementing safeguards that hinder similar physical attacks to CAN bus systems. Safeguards such as CAN bus-specific filtering, whitelisting, and segregation should also be evaluated by aircraft manufacturers.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

If your organization has been hacked contact LIFARS immediately
CALL TODAY! +1 212 222 7061

CAN Bus (Controller Area Network) communication explained in 5 minutes.
CAN bus hacking is behind multiple hacks of cars — including researchers Chris Valasek and Charlie Miller’s famous hack of a Jeep in 2014. Since then, automobile CAN buses have been compromised to take control over a number of cars, including those made by Tesla and Volkswagen.

 

Image credit:Google
Credit:
us-cert.gov/ics/alerts/ics-alert-19-211-01
us-cert.gov/ics/Recommended-Practices
threatpost.com/tesla-fixes-critical-remote-hack-vulnerability/120719/