Passenger Planes’ Satellite Communications Equipment Can Be Hacked Through Wi-Fi Networks, IFE

A cybersecurity researcher claims that he has developed a way to hack satellite communications equipment on passenger planes by using their Wi-Fi networks and in-flight entertainment, or IFE, systems. If confirmed, the researcher’s claim could force authorities to review aircraft security procedures.

Ruben Santamarta, a 32-year-old consultant with cyber security firm IOActive of Seattle, is scheduled to demonstrate his research at the Black Hat hacking conference in Las Vegas on Thursday, Reuters reported, adding that Santamarta’s presentation is expected to be one of the most widely attended events at the conference.

“These devices are wide open. The goal of this talk is to help change that situation,” Santamarta told Reuters.

According to Santamarta, he discovered the vulnerabilities by reverse-engineering the software, or firmware, that run on satellite communications equipment produced by companies, such as Cobham plc (LON:COB), Harris Corporation (NYSE:HRS), EchoStar Corporation’s (NASDAQ:SATS) Hughes Network Systems, Iridium Communications Inc. (NASDAQ:IRDM) and Japan Radio Co. Ltd. (TYO:6751).

Santamarta also said that unauthorized access into a plane’s avionics equipment is possible through the jet’s Wi-Fi signal or IFE system, which could hinder the aircraft’s navigation and safety systems. However, the researcher expressed a caveat when he stated his work has so far only been in controlled environments, and therefore, it might be difficult to replicate them in real-world situations.

In April, Santamarta published a research report in which he detailed multiple bugs in firmware used in satellite communications equipment in the aerospace, military, maritime transportation, energy and communications industries.

While representatives for Cobham, Harris, Hughes and Iridium confirmed some of Santamarta’s claims, the companies shrugged off the risks he referred to.

"In the aviation and maritime markets we serve, there are strict requirements restricting such access to authorized personnel only," Greg Caires, a Cobham spokesman, told Reuters.

Jim Burke, a Harris spokesman, also downplayed the threats, saying that “the risk of compromise is very small.”