Missing Malaysia Airlines flight could have fallen victim to world's first 'cyber-hijack'
Messages dedicated to people on the missing plane at Kuala Lumpur International Airport. Photo: AP
Flight MH370 could have fallen victim to the world's first "cyber-hijack", with a British anti-terrorist expert saying a plane could be taken over using a mobile phone or USB stick.
Former Home Office scientific adviser Dr Sally Leivesley said hackers could change the plane's speed, altitude and direction by sending radio signals to its flight management system.
It could then be landed or made to crash by remote control, Dr Leivesley told the Sunday Expressin London.
A member of a rescue team looks through binoculars during a search and rescue operation to find the missing Malaysia Airlines Flight MH370
More than a week after the Malaysia Airways Boeing 777 went missing with 239 people on board, theories are all family and friends have to explain the fate of the plane.
Flight MH370 vanished en route from Kuala Lumpur to Beijing. At the weekend, Malaysian police finally confirmed that the disappearance was a deliberate act and searched the captain and co-pilot's homes.
Dr Leivesley, who runs her own company training businesses and governments to counter terrorist attacks, told the Sunday Express she believed malicious codes, triggered by a mobile phone, would have been able to override the aircraft's security.
"There appears to be an element of planning from someone with a very sophisticated systems engineering understanding," Dr Leivesley said.
"This is a very early version of what I would call a smart plane, a fly-by-wire aircraft controlled by electronic signals.
"It is looking more and more likely that the control of some systems was taken over in a deceptive manner, either manually, so someone sitting in a seat overriding the autopilot, or via a remote device turning off or overwhelming the systems.
"A mobile phone could have been used to do so or a USB stick.
"When the plane is air-side, you can insert a set of commands and codes that may initiate, on signal, a set of processes."
Dr Leivesley said the hacking threat was raised at a science conference in China last year.
"What we are finding now is that it is possible with a mobile phone to initiate a signal to a preset piece of malicious software, or malware, in the computer that initiates a whole set of instructions," she said.
"It is possible for hackers — be they part of organised crime or with government backgrounds — to get into the main computer network of the plane through the inflight, onboard entertainment system.
"If you have got any connections whatsoever between the computing systems, you can jump across and you can get into the flight critical system.
"To really protect your computer systems, you do not let anything connect with them and you would keep the inflight systems totally in their own loop so nothing whatsoever connects.
"There are now a number of ways, however, in which the gap between those systems and a hand-held device like a mobile phone can be overcome."
The Sunday Express reported that last April, a German security consultant and commercial pilot unveiled a way to hijack a plane remotely using a phone.
Addressing the Hack In The Box security summit in Amsterdam, the consultant Hugo Teso said he had spent three years developing a series of malicious codes on a mobile phone app called PlaneSploit that hacked into an aircraft's security system.
RMIT Associate Professor Cees Bil, an expert in aircraft design, said he did not believe it would be possible to hijack a plane with a mobile phone.
"I don't think so at all," Associate Professor Bil said.
"There is no way with a hand-held mobile phone you could do it."
He said it was unlikely that an in-flight entertainment system would be at all linked with software controlling the plane.
"I believe this is very far-fetched and with all the regulations, checks and safety systems in place, I don't believe something as simple as a phone can interfere with the security system," he said.
The Civil Aviation Safety Authority refused to disclose whether there were links between in-flight entertainment and the control systems of planes. A spokesman said it would not comment while the investigation was ongoing.
Virgin Australia confirmed its in-flight entertainment worked via a secure, stand-alone system.
No comments:
Post a Comment