For the Umpteenth Time, No! You Cannot Hack a Plane Using IFE—But Those Who Try Should Be Prosecuted

The news cycle has returned to false claims of hacking aircraft through in-flight entertainment and connectivity (IFE/IFEC) systems. Panasonic Avionics, singled out in an article published by The Telegraph this morning, responds.

The Telegraph published claims by Ruben Santamarta of group IOActive that “he managed to ‘hijack’ in-flight displays to change information such as altitude and location, control the cabin lighting and hack into the announcements system.”

While use of the word ‘hijack’ is an attention-grabber, it is inaccurate. Hacking an IFE system is not ‘hijacking’ a plane.

Further, the various claims Santamarta makes in the article are unfounded, says Panasonic Avionics, manufacturer of the IFE systems the article singles out.

“IOActive has presented no evidence that its examination of Panasonic’s systems would support any such suggestion, and its statement that its “research revealed it would also theoretically be possible that such a vulnerability could present an entry point to the wider network, including the aircraft controls domain” will only serve to falsely alarm the flying public,” Panasonic writes in a formal statement issued this evening to address the claims made in the article.

“In its communications to the press, IOActive made unfounded, unproven conclusions. The basis for many of these conclusions would first necessitate that an attacker gained a physical connection within the IFE network. During the unauthorised testing, network penetration, or even network connection to Panasonic’s product, did not occur.

“The conclusions suggested by IOActive to the press are not based on any actual findings or facts. The implied potential impacts should be interpreted as theoretical at best, sensationalising at worst, and absolutely not justified by any hypothetical vulnerability findings discovered by IOActive.

“IOActive, in statements to the press, inappropriately mixed a discussion of hypothetical vulnerabilities inherent to all aircraft electronics systems with specific findings regarding Panasonic’s systems, creating a highly misleading impression that Panasonic’s systems have been found to be a source of insecurity to aircraft operation.”

Quick Facts

  • IFE systems are separate from the systems which pilots use to navigate and operate the aircraft.
  • Breaking into a single IFE system to mess around with its software is not ‘hijacking.’ It is destruction of property.
  • This is nothing like “taking control of a Jeep Cherokee”
  • Even if the claims Santamarta made were true they would be as akin to ‘hijacking’ an aircraft as mounting a bicycle is to becoming an oceanographer.
  • The pilots control the plane using complex, secure, unrelated and isolated systems.
  • Pilots and crew control IFE systems.

You Can’t Access Passenger Data Either

In the Telegraph article, Santamarta is also quoted as claiming that he could access passenger data through these hacks. This is also false.

“IOActive employee Ruben Santamarta’s statement regarding credit card theft is simply not true,” says Panasonic Avionics. “Mr. Santamarta makes incorrect assumptions about where credit card data is stored and encrypted within Panasonic’s systems.

Santamarta also says that, through his activities, he could disrupt the in-flight experience for passengers onboard.

“It is important to note that, during the course of this unauthorised, in-service testing, the safety, security and comfort of passengers of the aircraft were never in danger or compromised due to the system segregation and robust security design of our inflight entertainment and communications (IFEC) product, and of all commercial aircraft as well. His exploit itself was limited to a single seat and information gathering; control override of the IFEC seat and system did not occur,” says Panasonic.

This Is Not Testing, It’s Destruction of Property

While claims made by Santamarta and others give the impression that the industry has no one to guide them on security issues—except lone hackers willing to sacrifice their aircraft seat in the interest of rogue curiosity—there are well-established ways to proof these systems against malicious attacks.

“Like any responsible business, Panasonic continually tests the robustness of its systems, and reviewed all of the claims made by Mr. Santamarta. It subsequently engaged Attack Research (AR) to conduct validation testing in May 2015 and again in 2016 to ensure that the few minor concerns (in no way linked to the control of an aircraft) identified by Mr. Santamarta had been fully remediated, and this was confirmed in a written report to Panasonic,” the manufacturer states.

“Panasonic does not condone unauthorised security testing during aircraft operation in uncontrolled environments, such as those conducted by IOActive. Panasonic strongly supports legislation that should be enacted to make on-board electronic intrusion a criminal act.

Security professionals who wish to test our systems legitimately and safely can do so by participating in our Bug Bounty program (bugbounty@panasonic.aero in which Panasonic provides unfettered access to our products to allow for in-depth security testing and analysis.

“Panasonic IFE products have a robust security design that complies with, or exceeds, all requirements, and are routinely and regularly tested by third-party professional security firms, as well as by participants in our independent Bug Bounty program.

“Panasonic also fully supports aircraft manufacturers and aviation regulatory agencies to ensure our IFE systems are designed to comply with all aircraft manufacturer and regulatory security requirements, and Panasonic routinely reviews our designs with said groups.

“Additionally, Panasonic is a member of the Aviation Information Sharing and Analysis Center (A-ISAC) for the express purpose of assuring that vulnerabilities are shared and assessed with a collective oversight so that the integrity of the systems can be maintained. Panasonic’s IFE software is certified at Level-E per DO-178B, with “No Effect” to aircraft safety.”

You’re Right! It Is Sick

Santamarta did say one thing to the Telegraph which was very true.

“I’ve been afraid of flying for as long as I can remember,” Santamarta told The Telegraph. “It might sound like a sick cure but, as a hacker, learning everything I could about how planes work, from the aerodynamics to electronics, has reduced the fear significantly.”

Manipulating other people’s fear of flying to gain public attention is sick, and it’s difficult to imagine how this helps cure Santamarta’s own fear of flying.

Even taking this statement at face-value, it’s clear that fiddling with the IFE system on his seat has not helped Santamarta learn much about how aircraft work.

Otherwise, none of us would be writing these articles.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.