Seven years after the Federal Aviation Administration first warned Boeing that its new Dreamliner aircraft had a Wi-Fi design that made it vulnerable to hacking, a new government report suggests the passenger jets might still be vulnerable.
Boeing 787 Dreamliner jets, as well as Airbus A350 and A380 aircraft, have Wi-Fi passenger networks that use the same network as the avionics systems of the planes, raising the possibility that a hacker could hijack the navigation system or commandeer the plane through the in-plane network, according to the US Government Accountability Office, which released a report about the planes today.
A hacker would have to first bypass a firewall that separates the Wi-Fi system from the avionics system. But firewalls are not impenetrable, particularly if they are misconfigured. A better design, security experts have warned for years, is to air gap critical systems from non-critical ones—that is, physically separate the networks so that a hacker on the plane can’t bridge from one to the other, nor can a remote hacker pass malware through the internet connection to the plane’s avionics system. As the report notes, because the Wi-Fi systems in these planes connect to the world outside the plane, it opens the door for malicious actors to also remotely harm the plane’s system.
“A virus or malware planted in websites visited by passengers could provide an opportunity for a malicious attacker to access the IP-connected onboard information system through their infected machines,” according to the report.
Members of the House Transportation and Infrastructure Committee requested the report from the GAO out of growing concern that modern transportation systems, including planes, trains and automobiles, are becoming increasingly computerized and therefore susceptible to some of the same vulnerabilities and attacks that have long plagued desktop and laptop systems.
Boeing responded to the GAO report with a statement saying that a pilot manual override system would prevent someone from successfully commandeering its planes in this way.
This is not the first time the issue of aviation Wi-Fi security has come up for Boeing. In 2008, while Boeing was in the final stages of production on its new Dreamliner line of planes, the Federal Aviation Administration issued a report directing Boeing to address concerns about the passenger Wi-Fi system. The report was a “special conditions” document that the FAA produces whenever it encounters new aircraft designs and technologies that aren’t addressed by existing regulations and standards.
That report was pointing out the same problem that’s getting the company in trouble today. Boeing’s design for the Dreamliner’s Wi-Fi network, the FAA noted in the document, connected it to the plane’s control, navigation and communication systems, thereby establishing “new kinds of passenger connectivity to previously isolated data networks” that are critical to the safe operation of the plane. The FAA called on Boeing at the time to demonstrate that it had resolved this issue before the new line of planes could be put into service.
Boeing spokeswoman Lori Gunter told WIRED in 2008 that the company did indeed design a solution to address the FAA concerns. She wouldn’t go into detail about how Boeing was tackling the problem but said Boeing was employing a combination of solutions that involved some physical air-gapping of the networks as well as software firewalls. “There are places where the networks are not touching, and there are places where they are,” she had said.
Gunter added that although data could pass between the networks, “there are protections in place” to ensure that the passenger internet service didn’t access the maintenance data or the navigation system “under any circumstance.”
But security experts had warned at the time that software firewalls were still insufficient to separate critical networks from the Wi-Fi network.
It’s unclear if the authors of the new GAO report tested or examined Boeing’s solution and found it was still vulnerable to hacking or if they simply based their report on statements from experts that any design that doesn’t involve complete air-gapping of networks is vulnerable to hacking.
Boeing responded to the GAO report with a statement saying that “Boeing airplanes have more than one navigational system available to pilots” and that “[n]o changes to the flight plans loaded into the airplane systems can take place without pilot review and approval. In addition, other systems, multiple security measures, and flight deck operating procedures help ensure safe and secure airplane operations.”
Airbus also released a statement, which said only that it “constantly assesses and revisits the system architecture of our products, with an eye to establishing and maintaining the highest standards of safety and security. Beyond that, we don’t discuss design details or safeguards publicly, as such discussion might be counterproductive to security.”