Case 7-1: ACARS (Aircraft Communications Addressing and Reporting System)
1. Which of the two aircraft breaches is more serious: the breach described here or the breach created by the hacker (described earlier in the chapter) who took control of a plane’s throttle briefly through the entertainment system and then tweeted about it? Why? -ryan verrilli
Both breaches are extremely unsafe scenarios and it is difficult to say which is more serious; however, I have to say that the hacker who took control of a plane’s thrust control is more serious. In regard to the other breach, the hackers sent bogus flight plans to many different planes, but the important element here is that the crew would have to accept this plan. When the flight crew is looking at their route, they also have a printed paper route that will show the same waypoints, which can be used to verify the flight plan that was sent over ACARS. The crew can also call the flight services station and request the waypoints that were filed in the flight plan as well, providing another layer of verification. As long as the crew is paying attention to their flight plan that was filed by the airline, they should recognize the bogus flight plan to be a fake. However, if the crew fails to recognize the fake flight plan, it could lead to an in-air collision. Air traffic control is assuming that they will follow their filed flight plan, and when they deviate, ATC will attempt to move planes out of their way, although their efforts may be unsuccessful. The hacker who took control over the aircraft’s thrust control is particularly more concerning because the crew would not be able to stop and verify information to thwart the attack. The crew would be powerless because the hacker had full control over thrust and could potentially stop the engines, leading to the plane becoming a big glider. If this occurred at cruise, it is likely they would make a safe landing. If this happened at takeoff, this would result in a catastrophic aeronautical stall that would be unrecoverable.
2. Which of the access controls and storage/transmission controls would be most helpful for the ACARS problem? The entertainment system problem? Why? -Jovani
The access control that would be most helpful for the ACARS problem is utilizing passwords. Without a security policy, access and storage technologies would be useless. In IT, passwords serve as the number one security measure along with other multi-factor authentication tools such as encryption and biometrics. By incorporating a complex password, security is enhanced greatly.
Another access tool that can be utilized for the ACARS problem is challenge questions. Challenge questions are related directly to the original user and to whomever can log onto an account. If a hacker were to be faced with a challenge question, it could make their task more difficult in regard to them not knowing the answers to the security questions.
Storage and transmission controls are utilized within systems to primarily detect threats against the network. The storage and transmission tools that would be most helpful for the ACARS problem are antivirus, firewall, system alerts and system logs. The antivirus’ main purpose is to scan incoming data and evaluate whether the system as a whole is being harmed. Antivirus tools are able to detect over thousands of virus patterns in order to maintain high security. When using a firewall, the ACARS system would be able to prevent or allow outside traffic from entering the network depending on whether the traffic is well known or unknown. Typically, if it is unknown, then the chances of it being a virus or hacker are high and the firewall will then prevent the traffic from entering. System logs and alerts are similar in that they are used to alert the user if any suspected activity is occurring. For example, system logs can record how many attempts were made when trying to log into an account. The IP address can also be traced if the amount is excessive, and therefore many breaches have been prevented. The ACARS hackers could have been detected if the system logs and alerts were regulated appropriately.
3. If password control is used to solve the ACARS weakness, what might hackers do next?
If password control is used to solve the weakness, there might be other ways for the hackers to enter aircraft. For example, they will try to find the password. If ACARS changed their password every three months and had different kinds of passwords, hackers would not be able to enter the system. Another example is drive-by downloads: “To take advantage of these weaknesses, hackers set up websites embedded with viruses. You might get there by clicking a malicious link in a phishing e-mail or on social media. You can even find these sites in a search for popular programs or topics” (para. 3). And there are many other ways that a hacker can get into the system. In this case, ACARS should have better defenses.