Article brought to you by: Catholic Online (www.catholic.org)

Want to hijack a plane? There's an app for that

By Catholic Online (NEWS CONSORTIUM)
April 11th, 2013
Catholic Online (www.catholic.org)

A computer hacker and security consultant, who goes by the name Hugo Teso, says he can now hijack your flight in midair, just by using an Android app. Yep, there's now an app for that.

LOS ANGELES, CA (Catholic Online) - In news that would make al Qaeda jump with glee, a security consultant who goes by the name Hugo Teso has created an Android app called "PlaneSploit" for a smartphone that allows him to hijack planes in mid-flight.

Teso isn't trying to bring the world of aviation down however, but instead is using the app to demonstrate a glaring flaw in aviation security. Specifically that aircraft communications systems have no authentication or encryption in place. This means anyone with the right software and equipment can take control of a plane in mid-flight.

Teso is also a trained commercial pilot and he told a shocked audience at the Hack the Box security conference in Amsterdam that he can hack a plane in mid-flight using his phone.

The app was tested using virtual planes in a lab. Teso explained that testing the app with actual aircraft would be "too dangerous and unethical."

He also said he could cause a crash by various means including causing two aircraft to collide in midair. Other systems, such as the emergency oxygen masks could be activated to cause panic.

A pilot, he said, could thwart the attack by taking the plane off autopilot, however many new systems don't even include manual controls. He explained that some systems could be updated to patch the vulnerability, but some older systems would be impossible to fix.

There is no response yet from aviation officials and aircraft manufacturers, but it is clear that a serious security flaw exists. We should be thankful that it was a security consultant and not a malevolent hacker that found it first.

Unfortunately, now that the world knows about this vulnerability, it's hard to avoid imagining a team of hackers working feverishly to build their own version within days. Let's hope there's a team of security professionals working just as hard for the good guys.

Article brought to you by: Catholic Online (www.catholic.org)