DHS Hacked Airliner Systems

https://www.avweb.com/avwebflash/new...-229909-1.html

DHS Hacked Airliner Systems

By Russ Niles | November 13, 2017

The Department of Homeland Security has reportedly told a cyber
security conference it was able to hack the internal systems of a
Boeing 757 sitting on the ramp at Atlantic City Airport with no help
from anyone on board or anywhere near the aircraft. “We got the
airplane on Sept. 19, 2016. Two days later, I was successful in
accomplishing a remote, non-cooperative penetration,” DHS cyber
security expert Robert Hickey is quoted as saying by Avionics Today.
“[Which] means I didn’t have anybody touching the airplane, I didn’t
have an insider threat. I stood off using typical stuff that could get
through security and we were able to establish a presence on the
systems of the aircraft.” Hickey was speaking at the CyberSat Summit
in Virginia Nov. 8.

How the hack was done is classified but Hickey suggested it gave the
hackers comprehensive access to the aircraft’s systems. Hickey noted
that newer aircraft like the Boeing 737 MAX and 787 and Airbus’s new
A350 have more robust security but 90 percent of the fleet has the
same vulnerabilities as that 757. Two years ago a security researcher
claimed to have gained access to an airliner's flight systems through
its entertainment system but those claims were never verified.
-----------------------------------------------------------------------

https://www.cybersatsummit.com/event...summit/agenda/

New Generation of Cyberattacks - Assessment of the Evolving Threat
Landscape in Satellite and Aerospace
What are new generation cyber-threats facing companies in the
satellite and aerospace sectors? What will be the impact of automated
attacks and even attackers that use artificial intelligence? This
panel sets out the practical methods to identify cyber security events
within very busy networks, and how best to tackle them.

Moderator - Bob GourleyPartnerCognitio Corp.
Panelist - James TurgalExecutive Assistant Director, Information and
Technology BranchFBI
Panelist - Randy SabettHead of Cyber PracticeCooley
Panelist - Greg TouhillPresident, Cyxtera Federal GroupCyxtera
Technologies
Panelist - Lisa DonnanManaging DirectorOption3Ventures LLC

Fact Vs. Myth: What We Know So Far As It Relates To Cyberattacks in
Aerospace and Satellite
While cybersecurity is an issue for all companies in all sectors, what
do we know so far about what has happened in satellite and aerospace?
This panel of experts talk about what has happened so far, and whether
the facts are vastly different from the myths that have been
perpetrated.

Speaker - Vinit DuggalDirector and Chief Information Security
OfficerIntelsat
Speaker - Chris ChildersFounder and CEONational Defense Group
Moderator - Laura GalanteSenior Fellow at the Atlantic CouncilGalante
Strategies
-----------------------------------------------------------------------


https://www.cybersatsummit.com/event...mmit/speakers/
Robert Hickey
Aviation PM, DHS/S&T Cyber Security Division
Department of Homeland Security
Keynote
Dr. Robert ‘Rob’ Hickey is a staff officer in the Office of the
Director of National Intelligence currently on assignment to the
Department of Homeland Security/Science and Technology (DHS/S&T) where
he is functioning as the program manager and leading the cyber
vulnerability to commercial aircraft assessment. In his previous role
he functioned as the Deputy Director of the Air Domain Intelligence
Integration Element (ADIIE) an element of the Director of National
Intelligence. ADIIE worked with partners at all levels of government,
both domestic and international, and the private sector to help
address the complex intelligence integration and information exchange
needs of the air domain.

He joined the intelligence community (IC) in 2006 as one of the first
Program Managers in the Office of the Director of National
Intelligence (ODNI) Chief Information Office (CIO). He quickly
advanced to the position of CIO Deputy Chief of Staff. He has held
various other positions within the ODNI as the Chief of Staff and
Acting Deputy Director of the National Intelligence University;
Program Manager, Information Technology and Cyber Security for the
National Counter Intelligence Executive/Special Security Directorate;
and the Chief of Staff for the ODNI/Deputy Director Intelligence
Integration/Mission Integration Division. Additionally, Dr. Hickey
served 28 years of commissioned service in the Active Duty Air Force,
US Air Force Reserve, and Air National Guard. Dr. Hickey was recalled
to Active Duty in 2003-2004 to serve as the AF Headquarters, Pentagon,
Future Total Force Initiative Division Chief. Colonel Hickey retired
in 2006 as the Director of Strategic Planning and the Director of
Training for the Maryland National Guard Joint Forces Headquarters.
Furthermore, after leaving active duty in 1986, Dr. Hickey joined
American Airlines as a pilot and after a 21-year career; American
Airlines Captain Hickey retired in 2008. Captain Hickey has amassed in
excess of 9000 flying hours, flown as Pilot in Command or First
Officer on nine different aircraft from the Air Force T-37 and A-10 to
American Airlines MD-88 and MD-11 airliners. Captain Hickey is an Air
Force Command Pilot and holds a type rating in both the MD-88 and the
MD-11.

Dr. Hickey holds a Doctorate Degree in Management with a focus on
information systems technology and has taught as an Adjunct Professor
at Stratford University and is currently teaching at East Coast
Polytechnic Institute University. His research primarily focused on
information systems security training effectiveness within federal
government agencies. Dr. Hickey holds a Master’s Degree in Political
Science, International affairs from Oklahoma State University, and is
a 1978 graduate of the United States Air Force Academy.

Dr. Hickey is married to the Honorable (Brigadier General, USAF, Ret)
Allison Hickey. They have three children and live in Virginia.
-----------------------------------------------------------------------

http://www.aviationtoday.com/2017/11...king-dhs-says/
Boeing 757 Testing Shows Airplanes Vulnerable to Hacking, DHS Says
By Calvin Biesecker | November 8, 2017

Cybersecurity, DHS

A team of government, industry and academic officials successfully
demonstrated that a commercial aircraft could be remotely hacked in a
non-laboratory setting last year, a U.S. Department of Homeland
Security (DHS) official said Wednesday at the 2017 CyberSat Summit in
Tysons Corner, Virginia.

“We got the airplane on Sept. 19, 2016. Two days later, I was
successful in accomplishing a remote, non-cooperative, penetration,”
said Robert Hickey, aviation program manager within the Cyber Security
Division of the DHS Science and Technology (S&T) Directorate.

“[Which] means I didn’t have anybody touching the airplane, I didn’t
have an insider threat. I stood off using typical stuff that could get
through security and we were able to establish a presence on the
systems of the aircraft.” Hickey said the details of the hack and the
work his team are doing are classified, but said they accessed the
aircraft’s systems through radio frequency communications, adding
that, based on the RF configuration of most aircraft, “you can come to
grips pretty quickly where we went” on the aircraft.

The aircraft that DHS is using for its tests is a legacy Boeing 757
commercial plane purchased by the S&T branch. After his speech at the
CyberSat Summit, Hickey told Avionics sister publication Defense Daily
that the testing is with the aircraft on the ground at the airport in
Atlantic City, New Jersey. The initial response from experts was,
“’We’ve known that for years,’” and, “It’s not a big deal,” Hickey
said.

But in March 2017, at a technical exchange meeting, he said seven
airline pilot captains from American Airlines and Delta Air Lines in
the room had no clue.

“All seven of them broke their jaw hitting the table when they said,
‘You guys have known about this for years and haven’t bothered to let
us know because we depend on this stuff to be absolutely the bible,'”
Hickey said.

Hickey, who is a staff officer in the Office of the Director of
National Intelligence on assignment to DHS S&T, said that while
aviation is a subsector of the transportation component of the
National Infrastructure Protection Plan, the focus is squarely on
traditional terrestrial-based systems. The reservation and scheduling
systems of airline aren’t part of Hickey’s research, he said.

“I want to suggest to you that there’s a different type of critical
infrastructure, and that’s critical infrastructure that’s in motion,
of which aviation is one of the third of that,” Hickey said. The
others are surface and maritime transportation, he said.

“And I look at all of those and say, ‘If we’re not looking at those
from a different perspective, we’re going to miss the boat,’ no pun
intended,” Hickey said. He said he doesn’t know the answers yet for
aircraft cyber infrastructure, adding that it’s not a policy issue yet
because more research needs to be done on these systems to understand
what the issues are. Patching avionics subsystem on every aircraft
when a vulnerability is discovered is cost prohibitive, Hickey said.

The cost to change one line of code on a piece of avionics equipment
is $1 million, and it takes a year to implement. For Southwest
Airlines, whose fleet is based on Boeing’s 737, it would “bankrupt”
them if a cyber vulnerability was specific to systems on board 737s,
he said, adding that other airlines that fly 737s would also see their
earnings hurt. Hickey said newer models of 737s and other aircraft,
like Boeing’s 787 and the Airbus Group A350, have been designed with
security in mind, but that legacy aircraft, which make up more than
90% of the commercial planes in the sky, don’t have these protections.

Aircraft also represent different challenges for cybersecurity and
traditional land-based networks, Hickey said. He said that whether
it’s the U.S. Air Force or the commercial sector, there are no
maintenance crews that can deal with ferreting out cyber threats
aboard an aircraft.

“They don’t exist in the maintenance world,” Hickey said, noting that
when he was in the Air Force, he commanded a logistics group. Hickey
was also an airline pilot for more than 20 years. The chief
information officers of airlines “don’t know how to chase a cyber
spark through an airplane either,” Hickey said. “Why? Because they
have been dealing with, and they’re programmed to, and they do a great
job of, protecting the terrestrial-based networks. Airplanes are
absolutely different — crazy different.”

Trying to deal with airplane cybersecurity the same way it is
approached for land-based networks “is going to leave us short of the
mark,” Hickey said.

Hickey's team for his work includes Massachusetts Institute of
Technology, the Energy Department's Pacific Northwest National
Laboratory, University of California San Diego, Sierra Nevada, SRI
International and QED Secure Solutions. QED is led by Johnathan Butts,
a former Air Force officer who has done cyber vulnerability
assessments of Minuteman III intercontinental ballistic missiles and
B-52 bombers, Hickey said.

Two years ago, a security researcher claimed to have hacked into a
passenger aircraft through its in-flight entertainment system while he
was traveling aboard the plane. However, there is no evidence he
accessed flight control systems.

This article was originally published by Defense Daily, an Avionics
sister publication. It has been edited.


2 Comments
CommonSense • 4 days ago
There is a high noise to signal ratio in this article.

The only RF delivered on the 1983 757 would be ACARS, so that would be
the entry point.

Now if it was modified by someone else to have WiFi or other
communications on it, then you are talking about a poorly implemented
modification.

As far as the SWA 737 goes, the Classics are mostly retired, the
NextGens may have WiFi but they were added after the factory without
connecting to the cockpit. The Max's are hopefully secure by design
right from the factory. If Boeing isn't doing the right thing in their
design, then they ought to be liable, not SWA.

------
Bardi • 4 days ago
Yeah, let us start with an aircraft that first came out in 1983. $ 1
million for each aircraft or for a fleet?Changing "one line of code"
is relatively inexpensive as each vulnerable piece of avionics is
cycled through on regular mx.

The aircraft itself is a versatile joy to fly.
-----------------------------------------------------------------------

https://www.cisomag.com/dhs-hacks-boeing-757/


Addressing the huge contingent gathered at the 2017 CyberSat Summit,
Robert Hickey, the aviation program manager within the Cyber Security
Division of the DHS Science and Technology (S&T) Directorate, revealed
that DHS once successfully took controls of Boeing 757 airplane, while
the passenger jet sat on the runway at Atlantic City airport, New
Jersey.

He revealed the chilling details about the hack that was conducted
last year while giving his keynote address at the summit. “We got the
airplane on Sept. 19, 2016. Two days later, I was successful in
accomplishing a remote, non-cooperative, penetration,” said Robert
Hickey, aviation program manager within the Cyber Security Division of
the DHS Science and Technology (S&T) Directorate. “[Which] means I
didn’t have anybody touching the airplane, I didn’t have an insider
threat. I stood off using typical stuff that could get through
security and we were able to establish a presence on the systems of
the aircraft.”

While the details of the hack are still kept under the wraps, Hickey
revealed his team of DHS cyber sleuths achieved the feat by accessing
the radio frequency communications of the plane. According to him the
initial response from experts was, “’We’ve known that for years,’”
and, “It’s not a big deal,” Hickey said.

Apparently, in March, earlier this year, “at a technical exchange
meeting, he said seven airline pilot captains from American Airlines
and Delta Air Lines in the room had no clue,” Hickey was quoted by
Avionics.

“All seven of them broke their jaw hitting the table when they said,
‘You guys have known about this for years and haven’t bothered to let
us know because we depend on this stuff to be absolutely the bible,’”
Hickey said. “I want to suggest to you that there’s a different type
of critical infrastructure, and that’s critical infrastructure that’s
in motion, of which aviation is one of the third of that,” Hickey
said. According to him, the other vectors were surface and maritime
transportation. “And I look at all of those and say, ‘If we’re not
looking at those from a different perspective, we’re going to miss the
boat,’ no pun intended.”
-----------------------------------------------------------------------

http://securityaffairs.co/wordpress/...7-hacking.html

DHS – Tests demonstrate Boeing 757 airplanes vulnerable to hacking
November 13, 2017 By Pierluigi Paganini

Researchers and private industry experts, along with DHS officials,
remotely hacked a Boeing 757 airplane that was parked at the airport
in Atlantic City.

A group of researchers and private industry experts, along with DHS
officials, remotely hacked a Boeing 757 airplane owned by the DHS that
was parked at the airport in Atlantic City, New Jersey.

The team didn’t have physical access to the plan, the experts
interacted with systems on the aircraft remotely via “radio frequency
communications.”

The successful experiment took place in September 2016, pilots were
not informed of the ongoing cyber attacks. In just two days, the
reached their goal, but the details of the hack were not disclosed and
will remain classified.

The experiment and its results were disclosed last week during the
2017 CyberSat Summit in Virginia. The test was revealed by Robert
Hickey, aviation program manager with the Cyber Security Division of
the DHS Science and Technology (S&T) Directorate.

Many aviation experts declared to be aware of the flaw exploited by
Hickey and his team, but seven experienced pilots at American Airlines
and Delta Air Lines airline companies had no knowledge of the issue
when they were briefed in a March 2017 issue.

“All seven of them broke their jaw hitting the table when they said,
‘You guys have known about this for years and haven’t bothered to let
us know because we depend on this stuff to be absolutely the bible,'”
explained Hickey.

boeing 757

Even is the Boeing 757 in no more in production since 2004, but it’s
still largely used by many companies, also President Donald Trump’s
personal airplane is a Boeing 757.

Legacy aircraft, which make up more than 90% of the commercial planes
actually in use, don’t have security protections differently by newer
planes that are built with a security by design approach.

Patch management is a big problem in the avionics industry, the cost
to change just one line of code on a piece of avionics equipment could
reach $1 million, and it takes a year to implement.

For this reason, security updates are not so frequent.

Hacking airplane is not a novelty, in 2015, the FBI arrested the
expert Chris Roberts who claimed to have hacked a commercial airplane
while in flight accessing the plane’s systems by triggering a WiFi
flaw in the in-flight entertainment system.

Modern aircraft are very sophisticated systems, but the massive
introduction of technology could have the side effect to unload their
surface of attack is the risk of airplane hacking is underestimated.
-----------------------------------------------------------------------

http://www.seckurity.com/2017/11/13/...king-dhs-says/

Boeing 757 Airplanes are Vulnerable to Hacking, DHS Says
JAHNAVI M November 13, 2017

Home Boeing 757 Airplanes are Vulnerable to Hacking, DHS Says

At CyberSat Summit in Tysons Corner, Virginia 2017 U.S. Department of
Homeland Security (DHS) official said on Wednesday any commercial
aircrafts are vulnerable to hacking as team of government, industry
and academic officials successfully demonstrated by remotely hacking
in non-laboratory setting.

Robert Hickey, aviation program manager within the Cyber Security
Division of the DHS Science and Technology (S&T) Directorate said “We
got the airplane on Sept. 19, 2016. Two days later, I was successful
in accomplishing a remote, non-cooperative, penetration.”

“[This] means I didn’t have anybody touching the airplane, I didn’t
have an insider threat. I stood off using typical stuff that could get
through security and we were able to establish a presence on the
systems of the aircraft.” Hickey said the details of the hack and the
work his team are doing are classified, but said they accessed the
aircraft’s systems through radio frequency communications, adding
that, based on the RF configuration of most aircraft, “you can come to
grips pretty quickly where we went” on the aircraft.

The aircraft that DHS is using for its tests is a legacy Boeing 757
commercial plane purchased by the S&T branch. Mark Rosenker, the
former chair of the National Transportation Safety Board said “The 757
hasn’t been in production since 2004, but the aging workhorse is still
flown by major airlines like United, Delta and American.” USA
President Trump’s and Vice President Pence often use 757 including
pence recent trip to Texas.

In a statement, Boeing said, “We firmly believe that the test did not
identify any cyber vulnerabilities in the 757, or any other Boeing
aircraft.”

An official briefed on the testing does not believe it revealed an
“extreme vulnerability” to airliners, since it required a very
specific approach in a very specific way on an older aircraft with an
older system.

The official adds, it was good information to have, “but I’m not
afraid to fly.”

In 2015, a security researcher claimed to have hacked into a passenger
aircraft through its in-flight entertainment system while he was
travelling aboard the plane. However, there is no evidence he accessed
flight control systems.
-----------------------------------------------------------------------