Writing in his report on the vulnerabilities, he notes that he used Wireshark, a network-monitoring tool, to capture the traffic coming from the in-flight WiFi. After this had run for a bit, he made two unusual discoveries.
First, he found that “The IPs assigned to passenger’s devices looked like routable IPs,” and second, “It was possible to observe network scans, coming from external random hosts, directed to internal but routable IPs.”
“Once the flight landed, a simple network scan against those ranges revealed that multiple common services such as Telnet, WWW, and FTP were available for certain IPs. Also, a web interface could be accessed even without authentication, as the following picture shows,” he added.
From this point, IOActive would be able to listen to in-flight WiFi communication, and it would also have a stepping stone to other hackable devices connected to the satellite communication system.
In a released statement, Santamarta commented: “The consequences of these vulnerabilities are shocking. Essentially, the theoretical cases I developed four years ago are no longer theoretical.”
“To my knowledge, my Black Hat talk is the first public demonstration of taking control, from the ground and through the Internet, of SATCOM equipment running on an actual aircraft.”
Targeted Microwaves Serious Risk
One potential malicious use of the vulnerability is to turn the antenna into a targeted electromagnetic energy generator: “The antenna is basically allowing us to generate controlled waves of electric and magnetic energy directed toward a specific location. What happens once this electromagnetic energy reaches their target?”
“The electric field component will exert a force on charged particles that may push away or attract electrons. From these interactions there is a derived thermal effect.”
“It may help to get the idea behind these attacks if we mention that this is basically the same physical principle microwave ovens use to cook food or heat liquids,” Santamarta writes in his report.
While the risk to people is very low, it could be used to damage electronic systems.
The IT community has been reacting to the news of another weak link in satellite communication systems, with Paul Farrington, from application security company CA Veracode, commenting in an emailed statement: “It’s not the first time this year that the security of satellite systems has been called into question.”
“IT professionals are under a lot of time pressure to build and push out new applications and this could make software maintenance a lesser priority.”
“Neglecting application maintenance has now been elevated to a national security issue, not just a major source of chaos and potential revenue loss for businesses. Vulnerable software opens a backdoor for threat actors to exploit organisations.”
Ruben Santamarta states in his report that: “Today, it is still possible to find vessels that are exposed to the Internet, leaving them vulnerable to malicious attacks.”
“We are providing the evidences to demonstrate that Internet of Things (IoT) malware was found actively trying to exploit exposed aircraft, as well as vessels that were already infected.”
This article is from the CBROnline archive: some formatting and images may not be present.