Satellite communications systems have security vulnerabilities that may allow hackers to gain access to aircraft systems, according to cyber security expert Ruben Santamarta, principal security consultant at IOActive Security Services, speaking at the Black Hat USA conference early last month. Santamarta and IOActive published a white paper that discusses security vulnerabilities in air, sea and land satcom systems, including systems made by Cobham (formerly Thrane & Thrane) and Iridium.
At last week’s Black Hat USA 2014 conference, Ruben Santamarta, the principal security consultant at IOActive Security Services, raised the issue of whether satellite communications systems have security vulnerabilities that might allow hackers to gain access to aircraft systems. Santamarta and IOActive published a white paper that discusses security vulnerabilities in air, sea and land satcom systems. “Today we are disclosing details to help people verify those findings,” Santamarta explained.
While the DOT has made some progress in its information security program, some systems remain vulnerable to significant security threats stemming from deficiencies in policies and procedures, enterprise-level controls, system controls and management of known security weaknesses, according to a recent audit report from the department’s office of the inspector general (IG). The IG made a number of recommendations.
The Flight Safety Foundation (FSF) signed a memorandum of understanding with Mitre on October 31 to collaborate on developing database solutions to emerging aviation safety issues at both the local and regional level around the world.
An article in AIN’s September issue addressed concerns that have been raised about the security of the ADS-B system, which is headed for widespread deployment around the world. ADS-B is designed to replace radar as the primary method for surveillance of airborne traffic.