Hacking aircrafts from a mobile phone may be a distant dream for many,but not for Hugo Teso.Hugo Teso,an IT analyst from N.Runs presented the research in Hack in the Box conference about hijacking aircraft using an Android mobile. He hijacked the protocol which is used to send data to commercial aircraft by exploiting bugs in the flight management system used by Honeywell,Thales and Rockwell Collins.
The protocol hijacked was the Aircraft Communications Addressing and Report System or ACARS. Teso said that he could exploit the system as the software dint had any security features like encryption and authentication .Thus the software was open to be exploited by anyone.
The equipment used was available on ebay and FMS simulation software was publicly available. To send the signals, he created a framework called SIMON and an Android app called PlaneSploit.
The hack could allow him to send signals to change the altitude ,speed, direction and pilots display.
What Aviation Safety has to say
European Aviation Safety Agency (EASA) dint think the same as Teso.They said that
this presentation was based on a PC training simulator and did not reveal potential vulnerabilities on actual flying systems,” and “in particular, the FMS simulation software does not have the same overwriting protection and redundancies that is included in the certified flight software.