of Google's leading security experts, Ben Hawkes, warns cybercriminals using two 0-day iOS vulnerabilities in…
“An attacker who has physical access to the aircraft can connect to the CAN tire a special device that can be used to enter false data, which will lead to the display of incorrect readings on the on-board equipment”, – write CISA specialists.
The Department of Homeland Security warning is based on a recently published study conducted by a Rapid7 specialist and amateur pilot Patrick Kiley.
He demonstrated that, having physical access to the aircraft, the attacker will be able to change the engine’s telemetry readings, compass data and position angle in space, altitude, airspeed, and angle of attack. Keeley will give a report on this topic at the Defcon conference in August of this year.
Researcher and CISA experts fear that the exploitation of these problems could lead to air crashes and other aviation accidents. The Rapid7 blog emphasizes that the aviation industry, unfortunately, still stays behind the automotive industry when it comes to cybersecurity.
Read also: British Airways will pay a record penalty for data leakage within the GDPR
For example, aircraft manufacturers do not even try to prevent unauthorized access to aircraft CAN-tires. While it is very difficult to get access to the CAN-tires of a modern car, and for this, it is will be necessary to break or remove some car components.
As a result, CISA recommends that aircraft owners limit physical access to aircraft and avionics components whenever possible.
Keely points out that most of the time aircrafts are, of course, in a safe environment, which usually includes many physical security measures, but this is not necessarily good.
“Just like a football helmet can ultimately increase the risk of head injuries, increased physical safety of aircraft can paradoxically make them more vulnerable to cyberattacks”, – emphasizes Patrick Kiley.
Franoapas.co.in is a site that tries to trick you into clik to its browser notifications…
News-xwamovi.cc is a site that tries to force you into clik to its browser notifications…
Happybase.xyz is a site that tries to force you into clik to its browser notifications…
Kentosim.xyz is a domain that tries to force you into clik to its browser notifications…
News-xhunoyi.cc is a domain that tries to force you into clik to its browser notifications…
Dingaber.xyz is a domain that tries to trick you into clik to its browser notifications…