With about $600 and a few tools, hackers could fake the radio signals used by commercial airplanes to navigate and land safely, according to new research.
In a paper and demonstration from researchers at Northeastern University in Boston, a software defined radio — a non-traditional radio that uses software instead of hardware for many components — successfully tricks a simulated plane into thinking that the aircraft is traveling off-course.
Through a process called ‘spoofing’ — a term also applied to scam and robo-callers who fake their numbers — researchers are able to deceive an aircraft’s course deviation indicator into thinking the plane is off-center.
This causes it to misalign or falsely ‘correct’ its trajectory and land adjacent to the runway.
As first reported by Ars Technica, the radio signals spoofed by their device, are the same signals used in almost every aircraft throughout the last 50 years, including those on-board large commercial jetliners.
Because of the technology’s age, radio signals used in Instrument Landing Systems (ILS), are not encrypted or authenticated like other digitally transferred data, they say.
While the tools used by researchers in the demonstration aren’t necessarily new, Ars Technica notes that the cost of such devices have come down, making the type of attack more feasible for hackers than ever before.
Researchers note that an attack using their method is possible, but in many cases, misaligned planes can swiftly be corrected by adept pilots who are able to see their positioning in clear conditions and either adjust or perform a fly-around.
To make the attack work, hackers would also likely need a directed antenna to help boost the signal, making the probability that hackers could sneak the necessary tools onto a plane unlikely.
For a ground attack, attackers would still have to be somewhat proximate to a runway — again, with a fair amount of equipment — making the likelihood that they would be detected much higher.
Even with some pretty precise premeditation, however, other factors, including low-viability weather like fog or rain, would increase the chances of a successful hack.
Many times pilots rely heavily on radio signals to position and land their aircraft before visibly seeing the runway, coming as close as 50 feet to the ground before deciding to perform a fly-around.
There is also some precedent for the adverse potential of dysfunctional ILS — in one recent case, problems with signals have lead to jarring results.
As noted by Ars Technica, interference with a planes localizer signals in 2011 resulted in a Singapore Airlines flight careening off a runway in Germany and halting in the grass. Luckily, no one was harmed in the potentially disastrous incident.
To help mitigate the possibility, researchers say planes should employ the use of cryptographic GPS systems like those used by the U.S. military which would add a level of security — that is if those signals aren’t spoofed too.