dChan
Anonymous ID: 3aa14c July 30, 2019, 7:25 a.m. No.7258220   🗄️.is đź”—kun   >>8289 >>8406 >>8543

US issues hacking security alert for small planes

 

https://www.apnews.com/6219f26c3ea145b6b29b5e69115504a9

 

via Drudge

 

WASHINGTON (AP) — The Department of Homeland Security issued a security alert Tuesday for small planes, warning that modern flight systems are vulnerable to hacking if someone manages to gain physical access to the aircraft.

 

An alert from the DHS critical infrastructure computer emergency response tea m recommends that plane owners ensure they restrict unauthorized physical access to their aircraft until the industry develops safeguards to address the issue, which was discovered by a Boston-based cybersecurity company and reported to the federal government.

 

Most airports have security in place to restrict unauthorized access and there is no evidence that anyone has exploited the vulnerability. But a DHS official told The Associated Press that the agency independently confirmed the security flaw with outside partners and a national research laboratory, and decided it was necessary to issue the warning.

 

The cybersecurity firm, Rapid7, found that an attacker could potentially disrupt electronic messages transmitted across a small plane’s network, for example by attaching a small device to its wiring, that would affect aircraft systems.

 

Engine readings, compass data, altitude and other readings “could all be manipulated to provide false measurements to the pilot,” according to the DHS alert.

 

The warning reflects the fact that aircraft systems are increasingly reliant on networked communications systems, much like modern cars. The auto industry has already taken steps to address similar concerns after researchers exposed vulnerabilities.

 

The Rapid7 report focused only on small aircraft because their systems are easier for researchers to acquire. Large aircraft frequently use more complex systems and must meet additional security requirements. The DHS alert does not apply to older small planes with mechanical control systems.

 

But Patrick Kiley, Rapid7′s lead researcher on the issue, said an attacker could exploit the vulnerability with access to a plane or by bypassing airport security.

 

“Someone with five minutes and a set of lock picks can gain access (or) there’s easily access through the engine compartment,” Kiley said.

 

Jeffrey Troy, president of the Aviation Information Sharing and Analysis Center, an industry organization for cybersecurity information, said there is a need to improve the security in networked operating systems but emphasized that the hack depends on bypassing physical security controls mandated by law.

 

With access, “you have hundreds of possibilities to disrupt any system or part of an aircraft,” Troy said.

 

The Federal Aviation Administration said in a statement that a scenario where someone has unrestricted physical access is unlikely, but the report is also “an important reminder to remain vigilant” about physical and cybersecurity aircraft procedures.

 

Aviation cybersecurity has been an issue of growing concern around the world.

 

In March, the U.S. Department of Transportation’s inspector general found that the FAA had “not completed a comprehensive, strategy policy framework to identify and mitigate cybersecurity risks.” The FAA agreed and said it would look to have a plan in place by the end of September.

 

[…]

 

https://www.apnews.com/6219f26c3ea145b6b29b5e69115504a9

Anonymous ID: 3aa14c July 30, 2019, 7:26 a.m. No.7258233   🗄️.is đź”—kun   >>8268

Hacked Highways? Connected Cars Could Gridlock Entire Cities, Study Warns

 

https://www.studyfinds.org/hacked-highways-connected-cars-could-gridlock-entire-cities/

 

via Drudge

 

ATLANTA — Cybersecurity has quickly become a priority for large corporations, businesses, and individuals alike in recent years. It seems like another major data breach is being reported every other week, and personal online accounts are often compromised by malicious actors. Now, a new study out of the Georgia Institute of Technology has found that hackers may soon be able to cause major traffic problems in the real world by hacking and stranding internet-connected cars.

 

The study’s authors theorize that hackers would only have to shut down a portion of cars on the road in a busy city like Manhattan during rush hour to completely shut down traffic and gridlock the city. Researchers hope that their findings will spark a more detailed analysis of automotive cybersecurity, especially moving forward as cars become more and more high tech.

 

“Unlike most of the data breaches we hear about, hacked cars have physical consequences,” says co-author Peter Yunker in a release.

 

Yunker and his team say that right now the automotive cybersecurity sector is focusing too much on hacks that target one car, and they need to consider the possibility that a higher number of cars being hacked at the same time could lead to mayhem.

 

“With cars, one of the worrying things is that currently there is effectively one central computing system, and a lot runs through it. You don’t necessarily have separate systems to run your car and run your satellite radio. If you can get into one, you may be able to get into the other,” explains co-author Jesse Silverberg

 

[…]

 

https://www.studyfinds.org/hacked-highways-connected-cars-could-gridlock-entire-cities/