[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Feds Say That Banned Researcher Commandeered a Plane
From: InfoSec News <alerts () infosecnews ! org>
Date: 2015-05-18 14:17:49
Message-ID: alpine.DEB.2.02.1505181417390.28896 () infosecnews ! org
[Download RAW message or body]
http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/
By Kim Zetter
Wired.com
05.15.15
A SECURITY RESEARCHER kicked off a United Airlines flight last month after
tweeting about security vulnerabilities in its system had previously taken
control of an airplane and caused it to briefly fly sideways, according to
an application for a search warrant filed by an FBI agent.
Chris Roberts, a security researcher with One World Labs, told the FBI
agent during an interview in February that he had hacked the in-flight
entertainment system, or IFE, on an airplane and overwrote code on the
plane's Thrust Management Computer while aboard the flight. He was able to
issue a climb command and make the plane briefly change course, the
document states.
"He stated that he thereby caused one of the airplane engines to climb
resulting in a lateral or sideways movement of the plane during one of
these flights," FBI Special Agent Mark Hurley wrote in his warrant
application (.pdf). "He also stated that he used Vortex software after
comprising/exploiting or ‘hacking' the airplane's networks. He used the
software to monitor traffic from the cockpit system."
Hurley filed the search warrant application last month after Roberts was
removed from a United Airlines flight from Chicago to Syracuse, New York,
because he published a facetious tweet suggesting he might hack into the
plane's network. Upon landing in Syracuse, two FBI agents and two local
police officers escorted him from the plane and interrogated him for
several hours. They also seized two laptop computers and several hard
drives and USB sticks. Although the agents did not have a warrant when
they seized the devices, they told Roberts a warrant was pending.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic