A new search warrant filed in a federal court in New York state published Friday by the Canadian website APTN revealed that the aviation computer security researcher Chris Roberts reported the FBI that he briefly obtained the control of at least one commercial aircraft. Roberts told WIRED that he violated in-flight networks nearly 15 times during various flights, but just to sniff traffic without interfering with the plane activities.
On April 15th, Roberts was arrested and questioned by the FBI after he landed on a United Airlines flight 1474 from Denver, Colorado to Syracuse, New York. Feds questioned Roberts for four hours and seized his electronic equipment, including an iPad, a MacBook Pro, and storage devices.
The document includes the affidavit released by Chris Roberts to the FBI:
“connected to other systems on the airplane network after he exploited/gained access to, or “hacked” the [in-flight entertainment] system. He stated that he then overwrote code on the airplane’s Thrust Management Computer while aboard a flight. He stated that he successfully commanded the system he had accessed to issue the climb command. He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights. He also stated that he used Vortex software after compromising/exploiting or “hacking” the airplane’s networks. He used the software to monitor traffic from the cockpit system.”
Roberts told to Wired that that the above statement was taken out of context.
“That paragraph that’s in there is one paragraph out of a lot of discussions, so there is context that is obviously missing which obviously I can’t say anything about,” he said. “It would appear from what I’ve seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others.”
While Roberts was on the flight tweeted about taking control of the engine-indicating and crew-alerting system of the plane, but it was a joke.
The engine-indicating and crew-alerting system (EICAS) is an integrated system used to monitoring the principal functions (i.e. fuel quantity, oil pressure, etc.) in the aircraft.
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? 🙂
— Chris Roberts (@Sidragon1) 15 Aprile 2015
Just after the Roberts’s arrest the FBI agents have noted evidence of tampering to the electronic system under the seat of the man.
@MWoodall83 What we say and what we do can sometimes be two totally different things 🙂 However no systems were harmed en route to SATX
— Chris Roberts (@Sidragon1) 2 Maggio 2015
Roberts reported on Twitter that in reality no systems were harmed during his trip, he reported to Wired that he had only tapped in to watch data traffic on airplanes.
“Roberts had previously told WIRED that he caused a plane to climb during a simulated test on a virtual environment he and a colleague created, but he insisted then that he had not interfered with the operation of a plane while in flight.” states Wired.
Following the incident, the United Airlines launched a bug bounty program.
“We believe that this program will further bolster our security and allow us to continue to provide excellent service. If you think you have discovered a potential bug that affects our websites, apps and/or online portals, please let us know. If the submission meets our requirements, we’ll gladly reward you for your time and effort.” states the company.
Whatever happened, it should be noted that the hacking of an aircraft is a realistic event, that’s why airlines have to adopt all necessary security measures to prevent it.
(Security Affairs – plane hacking, flight)