FBI: Computer expert briefly made plane fly sideways

[seemslikeadream]

FBI: Computer expert briefly made plane fly sideways
Elizabeth Weise, USATODAY 8:39 p.m. EDT May 16, 2015

SAN FRANCISCO — A computer security expert hacked into a plane's in-flight entertainment system and made it briefly fly sideways by telling one of the engines to go into climb mode.

Chris Roberts of One World Labs in Denver was flying on the plane at the time it turned sideways, according to an FBI search warrant filed in April.

The warrant was first publicized on Friday by APTN, a Canadian News Service.

Roberts told the FBI he had hacked into planes "15 to 20 times," according to court documents first made public Friday.

Roberts first made news in April when he was told he couldn't fly on United Airlines because of tweets he had made about whether he could hack into the flight's onboard computer settings.

The FBI search warrant describes him doing just that.

According to the document, in an interview on Feb. 13, 2015, Roberts told agents he had hacked into in-flight entertainment centers on Boeing 737s, 757s and Airbus A-320 aircraft "15 to 20 times."

The warrant describes how Roberts would wiggle and squeeze the Seat Electronic Box under his seat, which connected to the plane's in-flight entertainment system, or IFE.

He would then connect a cable to the box and connect it to his computer. From there, Roberts was able to hack into the plane's IFE system using default IDs and passwords.

He overwrote computer code for the planes' thrust management computer, which he told agents allowed him to make the plane climb on his command.

At least once, according to the document, he told one engine on a plane to climb, causing the plane to move sideways as it flew.

Roberts also used software to monitor traffic from the cockpit, according to the search warrant request.

Roberts is a well-known and respected expert on computer security. He told the FBI he was furnishing the information "because he would like the vulnerabilities fixed."

APRIL 15 POSSIBLE TAMPERING

FBI agents had spoken with Roberts several times, according to the document. They told him that accessing an airplane network without authorization was a violation of federal statues.

Roberts told them he understood and that he would not hack into any more airplanes, according to the document.

On April 15, Roberts flew United from Denver to Chicago. On the flight, he tweeted about the possibility of accessing the plane's In Flight Entertainment system.

The FBI sent an agent to inspect the flight when it arrived in Philadelphia, where it had flown after Chicago.

The agent inspected the Seat Electronic Box below seats 2A and 2B and found evidence of damage and tampering.

Roberts flew from Chicago to Syracuse, N.Y. When he arrived, FBI agents took him into custody and seized as digital evidence his computer, hard drives and other gear he had with him.

The search warrant application was for permission to search Roberts' computer gear.

Roberts has not been charged with any crimes.

Requests for comment from the FBI, United Airlines and Roberts' company produced no immediate response.

[Joao]

All claims appear to originate exclusively from what "Roberts told agents". Maybe they're true, and maybe they aren't.

The publicity for his security firm sure is real, though.

"Roberts has not been charged with any crimes."

Chris Roberts
Founder & CTO

Regarded as one of the world’s foremost experts on counter threat intelligence within the cybersecurity industry, Roberts constructs and directs One World Labs’ comprehensive portfolio of cyber defense services designed to improve the physical and digital security posture of both its enterprise and government clients. Roberts understands enterprise security requirements, having served as both an in-house security expert and consultant on IT security, engineering and architecture/design operations for scores of Fortune 500 companies across the finance, retail, energy and services sectors. Further, he regularly engages with various government agencies on critical security issues of national importance.

Featured Speaker Engagements [selections]
2010: Invitation only Bank of America (Speaker and Panel)
2013: CH2MHill (Presentation on Counter Intelligence)
2014: Security Awareness, Training and Education Day at Raytheon (Speaker)

[Nordic]

And at the bottom of the OP story is a link to this:

http://www.usatoday.com/media/cinematic/video/26239475/

Experts: Terrorists could hack your plane through WiFi

Experts say in-flight Wifi can put planes at risk for being hacked while in the sky. Theoretically, a passenger could access anything from the passenger oxygen masks to more critical components like the engines.

I've figured from the get go that the German crash in the mountains was very likely someone hacking the plane.

[82_28]

Hey. He's in Denver right there!

[Lord Balto]

I'm still trying to figure out how a plane can fly sideways. What control surfaces do you manipulate to do that? Being as lift is generated by the air flowing faster over the wing than under it, would the manufacturers even build that capability into the plane?

[MinM]

This story sounds a lot like this one...

[Luther Blissett]

I think they must mean rotated sideways, not laterally sideways. It's unclear but at least makes a little more sense.

[justdrew]

it just doesn't make sense. it's too easy to isolate the control network from the passenger accessible network. I actually have to doubt this whole story. Probably they have honeypots installed on a lot of planes to identify persons dumb enough and yet capable enough to TRY hacking into it. because "recruitment" aka coercion. Can't you just hear it? "now... we could bring these charges at ANY time in the next decade, or right now. Or..."

[Zombie Glenn Beck]

He would then connect a cable to the box and connect it to his computer. From there, Roberts was able to hack into the plane's IFE system using default IDs and passwords.

[Lord Balto]

I think they must mean rotated sideways, not laterally sideways. It's unclear but at least makes a little more sense.

Actually, now they are saying he tilted the wings. This is all beginning to sound like some kind of put up job to enable even more stringent controls of the technology in the hands of the people.

[slomo]

Honestly, this whole story sounds like the plot of a wannabe summer blockbuster action movie that can be enjoyed only during the 105 minutes you are willing to suspend your disbelief, after which you start to realize how implausible the original premise was.

[Zombie Glenn Beck]

Honestly, this whole story sounds like the plot of a wannabe summer blockbuster action movie that can be enjoyed only during the 105 minutes you are willing to suspend your disbelief, after which you start to realize how implausible the original premise was.

Flying a plane sideways does sound weird, but some asshole with a basic understanding of the planes security system being able to take it over is 100000% plausible. About a third of all data breaches are done by just entering "Password1". Between Heartbleed and Op Aurora(Quote: “[The SCMs] were wide open,” says Alperovitch. “No one ever thought about securing them, yet these were the crown jewels of most of these companies in many ways — much more valuable than any financial or personally identifiable data that they may have and spend so much time and effort protecting.") no one should be surprised that our security is shit. Most of you already understand that physical airport security is just theater, why are you surprised their computer security is any different?

[slomo]

Honestly, this whole story sounds like the plot of a wannabe summer blockbuster action movie that can be enjoyed only during the 105 minutes you are willing to suspend your disbelief, after which you start to realize how implausible the original premise was.

Flying a plane sideways does sound weird, but some asshole with a basic understanding of the planes security system being able to take it over is 100000% plausible. About a third of all data breaches are done by just entering "Password1". Between Heartbleed and Op Aurora(Quote: “[The SCMs] were wide open,” says Alperovitch. “No one ever thought about securing them, yet these were the crown jewels of most of these companies in many ways — much more valuable than any financial or personally identifiable data that they may have and spend so much time and effort protecting.") no one should be surprised that our security is shit. Most of you already understand that physical airport security is just theater, why are you surprised their computer security is any different?

It's not the default passwords that are implausible. It's the idea that the passenger entertainment network would be connected to the flight control network. What purpose would there be in connecting them?

Wouldn't the passenger entertainment network be added at a point much later than the flight control system (the former being added on within the last 5-10 years, the latter originating with the construction of the plane)? Even if you believe that airlines are lazy enough just to want to expand an existing network (yes I do), one would think that post 9-11, IT/engineering managers would insist on keeping them separate. I mean, this level of precaution exists for HIPAA protection, why would there be any fewer precautions for flight controls? But I know nothing about flight control systems, so who knows?

[Zombie Glenn Beck]

It's not the default passwords that are implausible. It's the idea that the passenger entertainment network would be connected to the flight control network. What purpose would there be in connecting them?

Answered your own question.

Even if you believe that airlines are lazy enough just to want to expand an existing network (yes I do), one would think that post 9-11, IT/engineering managers would insist on keeping them separate. I mean, this level of precaution exists for HIPAA protection, why would there be any fewer precautions for flight controls? But I know nothing about flight control systems, so who knows?

Because 911 was done by scary brown people with boxcutters who cannot into computer. The public didnt demand better computer security on planes, it demanded porno-vision scans(that dont work), racial profiling (we have yet to find a man smuggling a bomb in a turban) and security databases (which can be bypassed by misspelling your name). Now that we have a "war on hackers" Im sure were going to see lots of very expensive upgrades in Airport computer security that wont do a god damn thing.

Let me put this into context. In 2009 the first ATM malware was detected. In 2010 ATM Jackpotting was invented(and its inventor dead not long after). In 2014 1.6 million pounds was stolen via ATM Jackpotting. This shows no signs of stopping or slowing down. Every time there was a new ATM exploit, the security companies declared that it was just a minor chink in the armor and released some paper mache countermeasures that were immediately obliterated. (Shoe bombs? X ray your shoes. Waterbottle bombs? No water bottles. Underwear bombs? Assume the position citizen. Are you noticing a pattern?)

Think about this. For five years hackers have been robbing major banks like crazy and these banks are powerless to stop them. This is not due to lack of motivation. Its because no amount of money they throw at security "experts" will fix the real problems. First, these armor chinks arent little one off bugs, they are symptoms of deeply rooted systemic flaws, and until those flaws are fixed(which will be never) no computer is safe. The second is that technology is only as good as the people using it. No one took the simple precaution of keeping the networks separate for the same reason that no one took the simple precaution of changing the default password.