August 11, 2018 at
During a three hour Norwegian Airlines flight in November 2017, IOActive’s senior security consultant Ruben Santamarta decided to take a peek at the integrity of the complimentary wifi’s security system. His unsettling discovery was that the internet security system on the multimillion-dollar aircraft was very vulnerable to hackers, which in turn makes every connected personal device vulnerable.
Luckily, Norwegian Airlines’ safety and control systems are isolated from the wifi, so nobody’s life was at risk. However, it would be very possible for a hacker—onboard or on the ground—to access any personal computing devices connected to the wifi and its camera and microphone.
A “white hat” is a cybersecurity professional who ethically hacks into security systems as a method to test their integrity. This is in opposition to “black hats,” which are computer hackers with sinister, criminal intent.
If he had been a black hat, Santamarta could have taken control of every aspect of each phone and laptop connected to the wifi on that flight, but luckily he didn’t plan to break the law that day. Companies will often hire white hats to test new security systems to look for potential vulnerabilities, but Santamarta was not hired by Norwegian Airlines. For that reason, he had to take it upon himself to bring more attention to this problem.
Over the next several months, Santamarta worked on hacking into several other airlines’ aircraft and some satellite communication equipment using similar methods—except this time from the ground. The same vulnerabilities that plagued the Norwegian Airlines’ wifi were also detected by Santamarta in satellite communication equipment commonly used by ships and the military.
Being the helpful hacker he is, Santamarta analyzed the extent to which these shortcomings could be exploited. He determined that it was possible to unveil the coordinates of US military ships in conflict zones, spying on cargo ships, and discover the locations of military bases which should be hidden. He even found someone else’s malware which infected a vessel!
Lastly, but certainly not least, Santamarta revealed that a hacker who gained control of certain military systems would be able to cause physical damage and burns to people and ships using radio frequency heating.
Southwest Airlines contacted their wifi partners, Global Eagle, and voiced their concerns pertaining to the weak security. Global Eagle responded, claiming to have fixed their problems within two hours of notification in December 2017, shortly after Santamarta discovered them.
Hughes also contributed to the planes’ wifi equipment and satellite tech. They claim that their system has “a number of safeguards that guard against unauthorized access,” and recommend that anyone with security concerns contact their service providers.
It had been reported that Santamarta shared his findings and concerns with aviation experts with specialization in satellite communications for aircraft.