Date
17 October 2017
Boeing and Airbus planes such as these operated by United Airlines have weaknesses that can be exploited by hackers, according to a man whom the FBI says took control of a United flight from his seat. Photo: AOL
Boeing and Airbus planes such as these operated by United Airlines have weaknesses that can be exploited by hackers, according to a man whom the FBI says took control of a United flight from his seat. Photo: AOL

FBI: Hacker took control of US flight from his seat

Federal investigators say a man who was removed from a United Airlines flight after tweeting about the airplane’s security weaknesses previously took command of a plane long enough to make it fly sideways.

Chris Roberts, founder of One World Labs, was questioned by the FBI on April 15.

Roberts told the FBI in February he had taken control of an aircraft, overwriting the code on its computer system and commanding the plane to climb, according to Yahoo News.

“He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI special agent Mark Hurley wrote in the warrant application filed in the US District Court for the Northern District of New York and published by a Canadian media outlet.

“He also stated that he used Vortex software after compromising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.”

According to the warrant, Roberts, who for years has warned airplane manufacturers of their vulnerability to hackers, said he had accessed in-flight networks more than 15 times between 2011 and 2014 by connecting a modified ethernet cable to a box under the passenger seat in front of him.

He discovered vulnerabilities in three types of Boeing aircraft as well as the Airbus A-320 but he did not indicate which flight he was able to briefly commandeer.

Roberts was not charged with a crime but the FBI seized his computer equipment including a laptop, several hard drives, flash drives and a black iPad.

He is believed to  have had the “ability and the willingness” to hack into in-flight entertainment systems and “possibly the flight control systems” on future flights.

According to the FBI, agents warned Roberts in February that “accessing airplane networks without authorization” is a violation of federal laws and that he could be prosecuted.

According to the affidavit, a subsequent FBI search of Roberts’s seats on that plane “showed signs of tampering”.

Roberts did not immediately respond to a request for comment but he told Wired he did not connect his laptop to the box on that flight.

“Those boxes are underneath the seats,” Roberts said.

“How many people shove luggage and all sorts of things under there? I’d be interested if they looked at the boxes under all the other seats and if they looked like they had been tampered [with]. How many of them are broken and cracked or have scuff marks?”

He also told Wired that the allegation of commandeering in the FBI warrant application is being taken out of context.

“It would appear from what I’ve seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others,” Roberts said.

– Contact us at [email protected]

RA

EJI Weekly Newsletter

Please click here to unsubscribe