Hacker Says NextGen Is Vulnerable To Attack | Aero-News Network
Aero-News Network
RSS icon RSS feed
podcast icon MP3 podcast
Subscribe Aero-News e-mail Newsletter Subscribe

Airborne Unlimited -- Recent Daily Episodes

Episode Date






Airborne On ANN

Airborne 11.23.15

Airborne 11.24.15

Airborne 11.25.15

Airborne 11.19.15

Airborne 11.20.15

Airborne Hi-Def On YouTube

Airborne 11.23.15

Airborne 11.24.15

Airborne 11.25.15

Airborne 11.19.15

Airborne 11.20.15

EAA/ANN AirVenture Innovation Preview

AIP-#1 Vimeo

AIP-#2 Vimeo

AIP-Part 1 YouTube

AIP-Part 2 YouTube

Fri, Aug 17, 2012

Hacker Says NextGen Is Vulnerable To Attack

'Ghost Planes' Could Appear On Your ADS-B-Equipped EFIS

Every time new technology comes along, someone somewhere begins an effort to see how it can be compromised, manipulated, and sometimes even destroyed. And apparently NextGen is no exception.

In a story appearing on NPR, a Canadian computer hacker named Brad Haines said that the data transmitted by ADS-B is unencrypted and unauthenticated. Those are bad words in the computer security world. Haines, who is known in the online community as RenderMan, found he could "spoof" the signals and make your TIS see airplanes where there are none.

Haines imagined a scenario where a hacker suddenly added 50 "ghost airplanes" to an ATC screen. He said that such an attack could make a pilot swerve to miss airplanes that aren't there, or potentially shut down an airport. An hours worth of disruption at a major airport could have ripple effects that could spread worldwide, he said.

Haines and another hacker named Nick Foster created an ADS-B spoof using the FlightGear flightsim game. They say if they had hooked the game up to a low-power transmitter, they could have convinced controllers that they were an actual airplane. The experiment has reportedly been duplicated in France. Both Haines and the French hacker ... Romanian grad student Andrei Costin ... have published papers and made presentations about their work.

The U.S. Air Force has expressed concerns about the potential for "spoofing" NextGen. One cyberwarfare student ... Maj. Donald McCallie ... wrote in a paper last year that NextGen is "on a collision course with history." The FAA has reportedly not yet released the results, or even initial data, from its own security tests. It has been mostly quiet on the reports coming from the Air Force and the hackers. In a one-paragraph statement, the FAA said that an "ADS-B security action plan identified and mitigated risks and monitors the progress of corrective action. These risks are security sensitive and are not publicly available."

The FAA told NPR that it will use a system called "multilateration" to discriminate between real and fake airplanes on ADS-B receivers. But the system requires multiple receivers analyzing every ADS-B signal.

FMI: www.faa.gov


More News

Blue Origin Makes History, But Is The System Practical?

Only Time Will Tell If The Booster Is Truly Reusable On November 23, 2015 Blue Origin achieved a first in rocketry and spaceflight history when their New Shepard launch vehicle suc>[...]

ANN Wishes Our Readers, Listeners And Viewers A VERY Happy Thanksgiving Holiday

Yes... We Will Be On A Holiday Schedule For The Rest Of Week As the Aero-News staff observes the US holiday of Thanksgiving on Thursday, we wanted to let our readers know that ANN >[...]

Airborne 11.25.15: Blue Origin Reusable Rocket!, AMA Reacts, Transgender Pilots

Also: UK CAA, E-Fest 2015, Citizens In Space, Gulfstream G500, Dassault Falcon Jet, CFM LEAP-1A, Tuskegee's Milton Crenchaw ANN Airborne Link: /index.cfm?do=video.playVideo&vid>[...]

ANN FAQ: Disqus

A Powerful New Tool For You To Use For Your Aero-Conversations Want to start a conversation about a story you've seen on Aero-News? It's even easier with Disqus, a powerful, web-ba>[...]

Airborne 11.24.15: UAV Registration Woes, Sennheiser Bails, Poberezny Honors

Also: Hybrid Airship, Aero-Calendar, NAHF2016, R1 Airlines, Pro Line Fusion For CJ3, ERAU Prescott, Quest Kodiak ANN Airborne Link: /index.cfm?do=video.playVideo&videoid=3c2451>[...]

blog comments powered by Disqus





© 2007 - 2015 Web Development & Design by Pauli Systems, LC