In the future, it may not be necessary for a hijacker to actually board a plane in order to make it crash. As planes adopt more wireless communications, the potential for attacks made remotely on network systems becomes greater.
This increased threat of “cyberhijacking” has led UK researchers to develop methods for minimising the risk of terrorists taking advantage of system vulnerabilities.
The way such an attack would manifest, according to government cyberterrorism researcher David Stupples, is through system-disrupting malware placed on an aircraft.
It has already been speculated that the mysterious disappearance of flight MH370 earlier this year as it travelled from Kuala Lumpur to Beijing was because of a digital attack, but Stupples told The Guardian he does not believe all planes are equally at risk from these attacks, and in particular MH370's systems were too segregated for this to be possible.
More integrated systems would make it easier for an attacker.
“If we talk about MH370, that certainly didn’t have this level of integration at all,” he said. “But with the A320 and A350 and 787 [different models of airplane] we have got this level of integration.”
He added, however, that taking full control of a plane mid-flight would be no easy task for a cyber terrorist, even if they identified a number of system vulnerabilities.
“You have to get into the autopilot and to get into the autopilot and run it from somewhere you don’t know - it’s very difficult,” he said. “[To do that] you’ll have to have the whole network architecture of the flight system. And all of the interface points to that. Yes, it’s possible, but you have to have a great deal of knowledge.”
Stupples is currently working alongside other researchers to develop software that would recognise dangerous malware on aircraft before it could cause problems.
“We have to address the problem completely differently. We need to look at architectures that can survive a malware attack. This is really important for infrastructure such as power stations, water plants, all of those things, [as well as] aircraft,” he said.
They are building the network in such a way that it could “reconfigure” itself around the malware. “We can do that in a variety of ways which will hopefully not defeat but out-manoeuvre the bad guys.”