Gogo Inc., a world-renowned in-flight broadband Internet service and other connectivity services provider for business and commercial airplanes has launched its own bug bounty program urging hackers and security researchers to discover security flaws and vulnerabilities in their website and Gogo’s airborne systems that allow users to connect to the Internet, watch live TV and on-demand videos.
The sole purpose of this bug bounty program is to secure Gogo’s cyber-infrastructure including the use of its system by employees and customers. In an official press release, Gogo explained that “Our goal with this program is to ensure that Gogo’s customers and employees are using a secure platform that’s free of security vulnerabilities. For testing the airborne systems, researchers will only be able to access these systems while flying on a Gogo equipped aircraft.”
The websites that are eligible for testing are gogoair.com and Gogoinflig
Currently, airlines using Gogo include Aeroméxico, Aer Lingus, American Airlines, Air Canada, Alaska Airlines, Beijing Capital, British Airways, Delta Air Lines, GOL, Hainan Airlines, Iberia, Japan Airlines, JTA, United Airlines, Vietnam Airlines, Virgin America and Virgin Atlantic. In-flight entertainment partners include American Airlines, Alaska Airlines, Air Canada, Aeromexico, Delta Air Lines, Japan Airlines, JTA, GOL, Hainan Airlines, United Airlines and Scoot. When they were in business it was used by AirTran Airways and US Airways
Gogo Inc. will pay researchers a sum between $100 to $1,500 per bug.
The announcement came as no surprise since it was recently revealed in documents leaked by Edward Snowden that The US’s National Security Agency (NSA) and British Government Communication Headquarters (GCHQ) both spied on passengers’ in-flight phone calls.
Must Read: Reporter Gets His Email Hacked on The Plane
The safety concerns about in-flight entertainment systems are not now but it all started when Chris Roberts, a security researcher from World Labs identified risks in airplane in-flight entertainment systems that could be used to take control of an aircraft. After his findings, United Airlines launched its first-ever bug bounty program to fix dangerous vulnerabilities in their systems.