The prospect of a terrorist cyberattack on an airplane struck federal intelligence analysts as more pie-in-the-sky than a real possibility, newly released documents show.
The modern airliner’s reliance on digital flight-control systems make some believe planes are vulnerable to malware that could be uploaded either online or through a direct connection, notes an assessment by Transport Canada’s security intelligence assessment branch.
Although there are no confirmed cases of malware being used to hijack an aircraft’s flight systems, it is “theoretically possible to do so,” says the November 2014 assessment, recently obtained under the Access to Information Act.
“Changing flight control settings at critical times (landing or takeoff) could be catastrophic,” the note allowed, but added: “The likelihood of such an event is assessed as very low.”
There were suggestions that a 2010 Spanair crash could have been caused by a cyberattack because the plane’s flaps and wing slats were in the wrong position, but this had not been communicated electronically to the flight crew, the analysts pointed out.
“Investigators were unable to determine if malware was the cause of the system fault.”
British researchers were working to limit the effects of a possible attack by adding software that recognizes a malicious bug and routes around it, Transport Canada added.
The issue emerged again in January when messages posted on a forum related to the extremist Islamic State of Iraq and the Levant suggested a virtual attack on western aviation. Hacking air-traffic control computers and jamming communications with aircraft could trigger hundreds or even thousands of accidents, one poster commented.
Tampering with the computers “would be like a nuclear bomb exploded in the centre of the White House,” the individual wrote.
A three-page Transport Canada assessment, parts of which remain secret, played down the online boasts, saying “there was no mention of how to cause such a shutdown or what was required to do so.”
The federal analysts acknowledged that, according to expert hackers, it is possible to create non-existent ghost aircraft signals that would create confusion for air-traffic controllers and pilots, who would not know which ones were real.
However, the tests were all performed in a laboratory setting, the assessment says. In addition, the U.S. Federal Aviation Administration has pointed to multiple levels of redundancy and cross-checking of data with radar to ensure aircraft would never be endangered by spoofed signals.
As a result, the “jihadi statement that any malfunction or hack into the system is guaranteed to cause an aircraft collision is simply not the case,” the Transport Canada assessment concluded.
The department also expressed skepticism about another potential vulnerability cited by experts — infiltration of a plane’s satellite communication system (SATCOM) through the in-flight entertainment console.
“The entertainment system is electronically separate from the other aircraft systems and only shares a power source. Currently there are no routes with which a passenger could infect the aircraft SATCOM or navigation systems via the entertainment console,” the intelligence assessment says.
“Therefore, the possibility of a terrorist being able to directly influence the flight via the entertainment system is assessed as very low.”
A few months later, court documents revealed the U.S. Federal Bureau of Investigation was probing a man’s claim that he had made a plane move sideways by executing a hack via the entertainment system.
A Transport Canada spokeswoman had nothing immediate to add to the department’s assessments.
Safe air travel is a critical priority for Canadians, and vital to national security generally, said Marc-Andre O’Rourke, executive director of the National Airlines Council of Canada, which represents major carriers including Air Canada.
“Given the security nature of this issue, we are unable to comment further.”