Tag Archives: Cyber Attack

Cybersecurity In The Sky: Internet of Things Capabilities Making Aircraft More Exposed To Cyber Threats Than Ever Before

The rise of IoT (Internet Of Things) could become a security nightmare for aviation. We spoke with an expert about the dangers associated with bringing military and civil aircraft “online”.

The Internet of things (IoT) is the inter-networking of physical devices equipped with electronics, software, sensors, actuators, and network connectivity which enable these objects (referred to as “connected things”) to collect and exchange data.

Almost every device that is able to connect to the Internet can be considered as a “connected thing”: smartphones,  wearables, personal computers, refrigerators, smart meters, cars, buildings and, why not, aircraft can be considered IoT devices that communicate with one another. Smart homes are enabled by IoT devices. Just think to this scenario: a user arrives home and his car autonomously communicates with the garage to open the door. The thermostat is already adjusted to his preferred temperature, due to sensing his proximity. He walks through his door as it unlocks in response to his smart phone or RFID implant. The home’s lighting is adjusted to lower intensity and his chosen color for relaxing, as his pacemaker data indicates that it’s been a stressful day.

Based on some recent estimates, there will be about 30 Billion devices connected to the IoT by 2020.

What is somehow worrisome about the proliferation of IoT devices is the fact that most of these are poorly protected and hackable. Between September and October 2016, a botnet made of hundreds thousands under-secured IoT devices (mainly CCTV cameras) was used to perform one of the largest distributed denial of service (DDoS) attacks ever: a malware dubbed “Mirai” identified vulnerable IoT devices and turned these networked devices into remotely controlled “bots” that could be used as part of a botnet in large-scale network attacks. On Oct. 21, the so-called “Mirai IoT botnet” remotely instructed 100,000 devices to target the DNS services of DNS service provider Dyn. As a result much of America’s internet was brought down by the cyber-attack, because it prevent the accessibility of several high-profile websites.

Now, imagine for a moment, that these attacks involved or were aimed at connected airplanes.

“Soon, thousands of sensors will be embedded in each aircraft, allowing data to be streamed down to the ground in real-time. And who knows, in time, this could drive the ubiquitous black box to become simply a backup device!” said Aviation Week in an article last year.

Indeed, an aircraft can leverage IoT capabilities to proactively identify maintenance issues and place orders for replacement parts and ground maintenance crew while cruising, so that, when it lands, everything is already in place and ready to be fixed, without affecting the optempo. This is, for instance, what the F-35’s ALIS (Autonomic Logistics Information System) does: ALIS (pronounced “Alice”) uses sensors embedded throughout the aircraft to detect performance, compare to parameters, use sophisticated analytics to predict maintenance needs, and then communicate with maintenance staff so that the right parts are ready when needed. ALIS serves as the information infrastructure for the F-35, transmitting aircraft health and maintenance action information to the appropriate users on a globally-distributed network to technicians worldwide. In this respect the F-35 is said to be on the IoT’s cutting edge.

Maintenance information aside, the F-35 is surely the largest data collection and sharing platform ever produced, or the Number #1 IoT Device that can collect intelligence and battlefield data from several sensors and share it in real time with other assets as well as commanders.

The F-35 is an example of the extent of interconnection 5th Gen. warplanes feature. To complete missions in denied airspace, pilots need a way to share information securely, without revealing their location to enemy forces. The F-35 has incorporated Northrop Grumman’s MADL into its missions systems to provide pilots with the ability to connect with other planes and automatically share situational awareness data between fighter aircraft. The MADL is a high-data-rate, directional communications link that allows for the secure transmission of coordinated tactics and engagement for 5th Generation aircraft operating in high-threat environments. The MADL is one of 27 different waveforms in the F-35’s communication, navigation and identification (CNI) suite.

With IoT capabilities becoming pivotal to the world of military and civil aviation, connected aircraft could soon become the next target for cyber criminals or cyber enemies.

We have asked a couple of questions about the risk the IoT poses to aviation to Tom Hardin, research lead at G2 Crowd, a peer-to-peer, business software review platform.

Q) What’s the relation between IoT and Aviation?

A) The combination of IoT and aviation is intriguing on a variety of levels. As ‘things’ have become more connected, from wearables to self-driving cars, we now have access to massive amounts of new data points. All of this data can not only help us understand consumers better, but can potentially provide actionable intelligence on the business operations side. An example is tracking the movement of a product throughout a particular supply chain, storing data on production, delivery, and maintenance, that ultimately leads to more predictive and intelligent workflows.

Connecting IoT to commercial aviation, the concept of massive data storage capabilities leading to better analytics, maintenance, and the operation of aircraft could potentially offer significant benefits. Having real-time access to all data points during a flight, such as engine performance, weather analysis, pilot monitoring, etc., could help mechanical engineers create more efficient engines, allow operators to provide more accurate weather forecasts, and aid pilots’ health (and the safety of passengers).

In terms of military aviation, IoT would provide the same potential benefits experienced by commercial airlines, but applied more directly to combat strategies and tactical support. With all of the data gathered through an IoT-connected military aircraft, weapons system, or ground vehicle, missions could be planned with a greater level of intelligence and more effective strategy. Machine learning also plays a role here, as a system can be trained to make real-time decisions, helping collect intelligence faster and identify key threats quicker. For example, sensors on a military aircraft could potentially pick-up a mission-critical piece of information, and instead on that data point being missed or slowly relayed to troops on the ground, it is analyzed and communicated in real-time, allowing for a tactical shift that could increase the mission’s odds of success (and save more lives).

Q) What kind of risks do the above scenarios imply? Are there signs an aircraft or an airport will soon become a battlefield for cyberterrorism or cyberwar?

A) Although there are clear benefits to using IoT for military purposes, there are also serious dangers. Possibly the biggest threat of all is dealing with cyber criminals and hacking. With IoT connected military planes compiling sensitive data, hackers could potentially gain access to strategic information such as the location of troops or detailed mission plans. Even more frightening is the prospect that a hacker could gain access to an aircraft’s control system and weaponry, similar to drone hacks, and use it against the enemy. This type of breach could lead to acts of remote terrorism, which is truly a terrifying thought.

In terms of establishing a timeline on when all of this would be possible, it’s difficult to speculate. My feeling is that it is closer than most of us think. And with DDoS attacks continuing to be an issue, IoT security across industries needs to address the potential for massive data breaches or hostile takeovers.

With all of the potential benefits and security issues with IoT, aviation is something we need to keep an eye on. With the amount of terrorist attacks involving airplanes and airports in recent memory, the threat of a cyberterrorist attack involving a connected aircraft, especially if it is equipped with military-grade weaponry, could be catastrophic. And though hacking into the control system of a plane is likely incredibly complex, security concerns over IoT remain, leaving us to ponder the state if our increasingly connected world.

Hackers have already been targeting modern aircraft made of millions lines of code (with the F-35, the world’s most advanced, “software-based” aircraft at the top of the target list), for years now. IoT capabilities will simply expand the attack surface making next generation aircraft possibly more exposed to hacking than ever before.

Disclaimer: the F-35 is extensively mentioned in this article just because it is most interconnected combat aircraft to date and its Condition-Based Maintenance is considered a clear example of IoT Application in the military.

Salva

Salva

Salva

Salva

Salva

Middle East Cyber War: Revenge Of The Drones

In the same hours in which I was publishing my post on Cyber Weapons, news agencies all around the world have begun to release (few) details about a new alleged Cyber Attack targeting the Iranian Oil Ministry, the National Iranian Oil Company and several other state-owned businesses.

The attack has been confirmed by a spokesman of the Iranian Oil Ministry, who also stressed that critical data have not been damaged or lost in the attack. Anyway, as a consequence of the Cyber Attack albeit as a precaution Internet access to several oil refineries has been cut off.

Of course Iran is not new to Cyber Attacks targeting Critical Infrastructures (do you remember Stuxnet and the possible hoax of Duqu Stars?), in any case it is too soon to draw any connection with Stuxnet or any other kind of State-Sponsored Attack, even because, according to the scant information available, only a server providing public information has been harmed.

Probably this malware has nothing to deal with cyber weapons but, just for fun, I cannot help but notice that this alleged Cyber Attack came in the same day in which, among many doubts, Iran has announced to have reverse-engineered the U.S. stealthy RQ-170 Sentinel drone captured by Iran in December 2011.

The revenge of the reverse-engineered drone?

Obviously it’s ironic, but what if the drone was actually a Trojan horse?

[Read also: Captured U.S. stealthy drone in Iran: the simplest solution solves the mystery]

The mysterious hatch possibly housing a recovery chute. Image courtesy: Dave Krakow