The DHS team reportedly accessed the plane’s systems via radio frequency communications.
A team of cybersecurity experts led by the US Department of Homeland Security (DHS) reportedly remotely hacked a Boeing 757 aircraft, without the knowledge of the pilots. It apparently took the DHS team, comprised of academicians and industry experts, a total of two days to infiltrate and gain control of the aircraft’s systems.
The aircraft was hacked at an airport in Atlantic City, New Jersey last year, as part of a test. The Boeing 757 aircraft was reportedly acquired by the DHS in September 2016. CBS reported that US President Donald Trump’s personal jet, as well as the plane frequently used by vice president Mike Pence, is Boeing 757.
Speaking at the CyberSat Summit in Virginia last week, Robert Hickey, aviation manager within the cybersecurity arm of the DHS Science and Technology (S&T) Directorate reportedly said that the DHS team accessed the aircraft’s systems via radio frequency communications. Given that the test is reportedly classified, the details of the hack have not been disclosed.
“I didn’t have anybody touching the airplane, I didn’t have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.” Hickey said, Aviation Today reported.
The classified test was reportedly conducted by the DHS “artificial environment and risk reduction measures were already in place”. A Boeing official was present during the hacking of the aircraft. “We firmly believe that the test did not identify any cyber vulnerabilities in the 757, or any other boeing aircraft,” the firm said in a statement, CBS reported.
A Boeing official told CBS that the test likely does not indicate a major threat to airliners since the hacking involved using very specific attack methods on older aircrafts with older systems. The official told the media outlet that while the information from the test was valuable, “but I’m not afraid to fly”.
The DHS’ test reportedly followed a 2015 incident that involved a hacker, Chris Roberts, who was arrested by the FBI after having admitted to hacking commercial airplanes nearly 20 times, while in-flight, Bleeping Computer reported.