Putting this right with Pastorius' breaking news below.
Computer malfunctions on a jet? Taken with this? And news some days ago that China may have manufactured suspect parts used in jets?
Curiouser and curiouser
Counterterrorism Blog:
Hack-Jet: Losing a commercial airliner in a networked world
By Roderick Jones
When there is a catastrophic loss of an aircraft in any circumstances, there are inevitably a host of questions raised about the safety and security of the aviation operation. The loss of Air France flight 447 off the coast of Brazil with little evidence upon which to work inevitably raises the level of speculation surrounding the fate of the flight. Large-scale incidents such as this create an enormous cloud of data, which has to be investigated in order to discover the pattern of events, which led to the loss (not helped when some of it may be two miles under the ocean surface). So far French authorities have been quick to rule out terrorism it has however, emerged that a bomb hoax against an Air France flight had been made the previous week flying a different route from Argentina. This currently does not seem to be linked and no terrorist group has claimed responsibility. Much of the speculation regarding the fate of the aircraft has focused on the effects of bad weather or a glitch in the fly-by-wire system that could have caused the plane to dive uncontrollably. There is however another theory, which while currently unlikely, if true would change the global aviation security situation overnight. A Hacked-Jet.
Given the plethora of software modern jets rely on it seems reasonable to assume that these systems could be compromised by code designed to trigger catastrophic systemic events within the aircraft's navigation or other critical electronic systems. Just as aircraft have a physical presence they increasingly have a virtual footprint and this changes their vulnerability. A systemic software corruption may account for the mysterious absence of a Mayday call - the communications system may have been offline. Designing airport and aviation security to keep lethal code off civilian aircraft would in the short-term, be beyond any government civil security regime. A malicious code attack of this kind against any civilian airliner would, therefore be catastrophic not only for the airline industry but also for the wider global economy until security caught up with this new threat. The technical ability to conduct an attack of this kind remains highly specialized (for now) but the knowledge to conduct attacks in this mold would be as deadly as WMD and easier to spread through our networked world. Electronic systems on aircraft are designed for safety not security, they therefore do not account for malicious internal actions.
While this may seem the stuff of fiction in January 2008 this broad topic was discussed due to the planned arrival of the Boeing 787, which is designed to be more 'wired' --offering greater passenger connectivity. Air Safety regulations have not been designed to accommodate the idea of an attack against on-board electronic systems and the FAA proposed special conditions , which were subsequently commented upon by the Air Line Pilots Association and Airbus. There is some interesting back and forth in the proposed special conditions, which are after all only to apply to the Boeing 787. In one section, Airbus rightly pointed out that making it a safety condition that the internal design of civilian aircraft should 'prevent all inadvertent or malicious changes to [the electronic system]' would be impossible during the life cycle of the aircraft because 'security threats evolve very rapidly'.
Boeing responded to these reports in an AP article stating that there were sufficient safeguards to shut out the Internet from internal aircraft systems a conclusion the FAA broadly agreed with - Wired Magazine covered much of the ground. During the press surrounding this the security writer Bruce Schneier commented that, "The odds of this being perfect are zero. It's possible Boeing can make their connection to the Internet secure. If they do, it will be the first time in the history of mankind anyone's done that." Of course securing the airborne aircraft isn't the only concern when maintenance and diagnostic systems constantly refresh while the aircraft is on the ground. Malicious action could infect any part of this process.
While a combination of factors probably led to the tragic loss of flight AF447 the current uncertainty serves to highlight a potential game-changing aviation security scenario that no airline or government is equipped to face.
4 comments:
This is probably just a coincidence -- and if those two Islamist passengers were on the list, how did they get on the plane? But just on the off-chance, would it be possible for passengers to interfere with the plane's computer systems from inside the cabin?
Once again proving my consummate squib-hood in all things cyber.
It's possible, but not likely. Would take some degree of sophistication I would think.
I don't necessarily think any of these theories should be eliminated. Terrorism in some new form is definitely possible although it could have simply been some unexpected technological malfunction or weather...This was a good concise post on a theory I had heard relatively nothing about.
Here is a video mashup of what a lot of the media is saying regarding the crash:
http://www.newsy.com/videos/air_france_mystery_continues
I've been trying to find it and can't so far.
Within the last month or so there was a story (and not on a conspiracy theory site) about China having manufactured jets or computers for jets or something along the lines where they (or anyone with the right info & gear) could hack that jet's controls from the ground. If I find it I will either link it or put it up here.
I'm not saying that's what happened here, just an intersting tie in.
Post a Comment