Do you know what the person next to you on a plane is doing? Are they reading, looking at their iPad or maybe even hacking the in-flight entertainment system? The days of knitting and crossword puzzles have evolved to tablets, phones and laptops. Therefore, with technology anything is possible.
In April, we covered the cyber security risks that the FAA had identified. The guidelines seemed more cautionary and to be used as preparation for the future. However, recent media reports are claiming otherwise, stating that hacks of that nature have already occurred in the United States.
Who is behind these reported airline cyber attacks? Even though stereotypical hackers may stay low key or anonymous, the person behind 15 to 20-entertainment system hacks from 2011 to 2014, is maintaining his spot in the public eye. Cyber security consultant and hacker, Chris Roberts does not hide behind an avatar or screen name, however when he is joking or being serious is unclear.
On April 15, 2015, Roberts tweeted, “Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM,? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? :)”
Even though Roberts claims that the tweet was a joke, it resulted in a search warrant, which allowed Roberts’ devices to be seized when he landed in Syracuse. The FBI confiscated everything from a laptop and tablet to hard drives and thumb drives.
Legal documents and talks with the FBI can be incriminating; however, numerous critics are challenging Roberts’ story. The claims include that Roberts hacked into the climb command and temporary had control over the plane. In addition, reports claim that he was able to monitor air traffic. Although it is unclear if Roberts did accomplish the following claims, the FBI believed enough in the possibility to question and search him.
Regardless of whether it happened or not, proves a business can never be too prepared. While this seems like a problem that mostly affects consumers, it ultimately shows the risks businesses face. It is crucial for businesses to safeguard their customers’ information, because anyone from an amateur hacker across the world to an expert in the U.S. can target a business. Businesses need to authenticate, verify and continue to change with technology.