Everyone loves in-flight Wi-Fi… until it allows a hacker to infiltrate the plane’s satellite communications equipment. CBCNews brings us word that security researcher Ruben Santamarta of IOActive is going to present new findings at the Black Hat conference in Las Vegas this week showing how to use a plane’s Wi-Fi and even its in-flight entertainment system to hack into its satellite equipment.
“These devices are wide open,” Santamarta said in a recent interview. “The goal of this talk is to help change that situation.”
One of the biggest vulnerabilities that Santamarta found relates to satellite equipment manufacturers’ system of hardcoded that they designed to let engineers access multiple different pieces of equipment with just one login name and password. Santamarta found that he could retrieve these hugely important login credentials from the satellite equipment’s firmware and then use them to access several key pieces of communications infrastructure.
Santamarta concedes that he’s only had success doing this in a controlled environment so far and satellite equipment manufacturers who have reviewed his paper tell CBCNews that the risk of an actual hack is “very small.” Nonetheless, Santamarta’s research might prompt a thorough review of security protocols for important airplane equipment, which can never be a bad thing.