Hacker Briefly Flies Plane Sideways After Accessing Engine Systems, FBI Says

A security researcher told the FBI he used a plane's in-flight entertainment system to hack into its engine system on multiple occasions, once even briefly flying the plane sideways, according to an FBI affidavit filed in April. Fifteen to 20 times from 2011 through 2014, Chris Roberts, a computer security expert with One World Labs, a security intelligence firm in Denver, "exploited vulnerabilities" in the in-flight entertainment systems of three Boeing planes and one Airbus, the affidavit said.

Using a modified ethernet cable, he would connect his laptop to the system, then rewrite code for the airplane's thrust management system, which includes controls for a plane's engine system. On one flight, "he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane." In other words, he told one engine to enter climb mode, and the plane flew sideways.

After the FBI warned Roberts in February that such hacking was illegal and he could be prosecuted for doing so, Roberts said he would stop hacking entertainment systems. But after that conversation, he sent out a few Tweets that raised the FBI's suspicions, including the following, which suggested he was tampering, yet again, with an in-flight entertainment system:

The day of that tweet, April 15, Roberts had flown on a United Airlines plane from Denver to Chicago. An FBI agent later inspected the plane and Roberts' seat; the electronics box beneath it had been damaged. A short time later, the FBI submitted the affidavit to examine Roberts' computer equipment, which it had already confiscated.

The reason Roberts told the FBI about his hacking exploits in the first place was because he wanted the agency to know about the vulnerabilities in the plane's computer systems, according to the affidavit.

The story was broken Friday by Canada's Aboriginal Peoples Television Network.