Summary: An official statement issued by an FBI agent reveals that InfoSec researcher Chris Roberts has confessed to hacking into the controls of a flying aircraft triggering it to climb — John McAfee (founder of McAfee anti-virus software) is supporting Roberts on this issue.
Earlier we reported how vulnerable In-Flight systems can be taken over by hackers. We also reported how the hacker who found this vulnerability was kicked out by the FBI from United Airlines flight when he was heading to RSA security conference.
Now, things have taken turn to a totally wrong side because the FBI is accusing Roberts of hacking into the In-flight systems of a United Airline flight and altering its movement from his passenger seat — Robert claims he only found out the vulnerability and didn’t hack or alter the plane’s movement.
Bad joke causes FBI snatching electronic devices:
Roberts often pointed fingers at discrepancies of the computer networks in airplanes, which could be easily abused and can render the avionics to be tempered with.
In mid-April, while flying to Syracuse, New York, Roberts jokingly tweeted a message , saying that he would supervise the security of the airplane by accessing the EICAS (engine-indicating and crew-alerting system) via the in-flight entertainment (IFE) network. Following the researchers arrest from the FBI although he was released four hours later after all his electronic gadgets were detained.
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)
— Sidragon: (@Sidragon1) April 15, 2015
United Airlines Bug Bounty Program: Report Security Flaw, Get Rewards
This was not Roberts’ first encounter with the FBI, though. Between February 13 and March 5, 2015, the agents interviewed the researcher multiple times to get his take on the susceptibilities in the IFE systems on Boeing and Airbus aircrafts.
Hacker changes direction of the plane:
Conferring to the affidavit (published by Canadian news outlet APTN) presented by special agent Mark Hurley demanded a search warrant request for the recently seized electronics, Roberts confessed to exploiting the exposed malfunctions during flight.
The document states that, between 2011 and 2014, the researcher tested approximately 15 to 20 times and the breaking point was the video monitor installed in the passenger seatbacks (Seat Electronic Box).
After hacking into the IFE network via a laptop hooked with a Cat6 ethernet cable, Roberts then accessed into other systems on the aircraft.
While on-board the flight, he was able to overwrite the code on the plane’s Thrust Management Computer and issue a “climb” command. This caused the aircraft to change direction and move sideways.det
The account’s context is not completely clear from the affidavit, however, the information was derived from a much larger pool in order to attain search warrant for the devices. Hurley later revealed that hence the affidavit was only to secure a search warrant so he did not include all the well known facts regarding the investigation. It is to be noted that it is a complex task only to be fulfilled by a person of extraordinary ability, skills and specialized tools that are not publicly accessible.
You Tube video about John McAfee in support of his pal Chris Roberts:
In this video Luke Rudkowski in conversation with John McAfee at the Hack Miami Conference about his friend Chris Roberts who is a white hat hacker that recently hijacked an airplane through the entertainment system.
McAfee breaks down the latest news with Chris Roberts, he stated that his friend Chris Roberts was onboard a flight from Philadelphia to Chicago and playfully hacked through the plane’s entertainment systems and took airline controls, he claimed that they were just above 35000 feet and there were no risks associated with the hack whatsoever.
People associated with Yahoo security condemned the act, calling it terrible and a lack of conscience while McAfee negated that statement, and asked the U.S government to reconsider its stance of detaining Roberts on accounts of terrorism which could also mean lifetime imprisonment to Chris Roberts.
He further added that Chris Roberts has an exceptional record and all he did was highlighting the flawed security system, which was in fact his job, to watch guard the airlines lack of security and which could be held as a ground for building up a safer system and it must be taken in good stride.
Watch the video below: