With smartphones in just about everyone’s pockets today, we tend to forget just how powerful and revolutionary these devices are. They have transformed the way we interact with the physical world, changing the way we communicate and navigate our space. A new smartphone app developed by a German security consultant Hugo Teso showcases just how smartphones could be used for nefarious reasons as well, such as hijacking and controlling airplanes from the ground. Yikes.
Before we all start panicking, let me just assure you that this app, dubbed PlaneSploit, is by no means in the public realm. Teso has been keeping his code close to his person, and has only been tested on flight simulators thus far. The software exploits the Aircraft Communications Addressing and Reporting System (ACARS), which facilitates controls between the aircraft and ground control. The code also exploits the Automatic Dependence Surveillance Broadcast (ADS-B), which functions as the aircraft’s radar system. Thankfully, the code cannot be used on actual planes, and can be de-activated simply by turning off the plane’s auto-pilot feature.
“You can use this system to modify approximately everything related to the navigation of the plane, that includes a lot of nasty things.”-Teso to Forbes
Teso developed this app over a period of three years, gobbling up old computer hardware that is commonly used on airplanes across the globe via eBay to develop his framework of code called Simon. Teso revealed his app in Amsterdam, at the Hack in the Box security conference. Teso has reached out to aircraft manufacturers and software developers in an attempt to ensure that they close the security gaps that he has exploited. Here’s a list of some of the apps features:
- Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane’s course.
- Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
- Visit ground: Crash the airplane.
- Kiss off: Remove itself from the system.
- Be punckish: A theatrical way of alerting the pilots that something is seriously wrong – lights start flashing and alarms start buzzing.
Thankfully, this White-Hat hacker has developed this software to showcase exploits, not actually enable them. With the increasing move from traditional warfare and terrorism tactics to the virtual world, finding exploits such as these are critical to the ensuring the safety of aircraft passengers the world over.
[Via: Android Pit, CNN]