Hacker Told FBI He Forced Plane to Climb, Fly Sideways

A security researcher has told the FBI that he was able to take control of an airplane by hacking into its in-flight entertainment system, forcing it to "climb" and change its course.

Chris Roberts, founder of cybersecurity company One World Labs and popular name in the hacking world, explained the process to an FBI affidavit, who wrote in search warrant application that he also overwrote the code on a United Airlines flight's Thrust Management Computer while on board the a flight, according to The Telegraph.

The affidavit said Roberts successfully took control of the climb command, making one of the plane's engines climb and resulting in the aircraft flying sideways during the flight.

"He also stated that he used Vortex software after compromising/exploiting or 'hacking' the aeroplane's networks. He used the software to monitor traffic from the cockpit system," the affidavit wrote in the application.

Roberts wrote a tongue-and-cheek tweet last month suggesting he might hack into the network of a plane flying from Chicago, Ill. to Syracuse, N.Y., Wired reported. This prompted two FBI agents and two local police officers to escort Roberts after his flight landed and interrogate him for several hours, seizing two laptop computers and several hard drives and USB sticks in the process. While the officials didn't have a warrant when they took the devices, they told Roberts a warrant was on its way.

Canada's APTN News was the first outlet to obtain the warrant application, publishing it on Friday.

Roberts told investigators that he has hacked plane computer systems before by attaching a ethernet cable directly to the "Seat Electronic Box" that are placed under some seats, and that he has done this over a dozen times since 2011, The Telegraph reported.

While it isn't clear if Roberts indeed hacked the plane, he did say that the application isn't completely accurate.

"That paragraph that's in there is one paragraph out of a lot of discussions, so there is context that is obviously missing which obviously I can't say anything about," he said.

"It would appear from what I've seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others."

The incident has resulted in investors on the board of directors of One World Labs withdrawing their investments in the company, leading to the firm laying off about a dozen employees, which makes up half of its staff, Wired reported.

"The board has deemed it a risk," Roberts said, referring to the hacking. "So that was one factor in many that made their decision. Their decision was not to fund the organization any further."

Another result from the incident was United Airlines launching a "bug bounty" program last week that would give White Knight (friendly) hackers up to a million free air-miles if they can find problems in their business computer systems, The Telegraph reported. The only bugs that don't apply to the program are those found on "on-board Wi-Fi, entertainment systems or avionics."

Tags
Hacker, United Airlines, FBI, Chicago, Syracuse
Real Time Analytics