back to article US air traffic control 'vulnerable to hackers' says watchdog

US air traffic control systems are potentially vulnerable to hackers, according to an audit by the American government. A report [46 pages, PDF] by the Government Accounting Office (GAO) faults the Federal Aviation Administration (FAA) for failing to meet compliance with the relevant government standards, specifically the …

  1. Kev99 Silver badge

    Yawn, so what else is new

    How much you want to bet ATC uses the open to everyone, especially crooks, hackers, and idiots, internet.I doubt very seriously American business and government are ever going to go back to dedicated lines that only the licensees could access. Just as all the US hotel chains that fired their accounting staffs so they could outsource to India will soon be burned.

  2. Anonymous Coward
    Anonymous Coward

    Heathrow?

    Just wondering if that image at the top of the story is of Heathrow? Surely El Reg must have a US related ATC photo?

    1. An0n C0w4rd

      Re: Heathrow?

      It is definitely LHR. You can see the T5 toast-rack configuration at the left and the T4 oddity at the bottom right. Must be an old pic because the new toast-rack for T2 is missing. I think the pic pre-dates T5C coming online actually.

      1. Stuart 18
        Meh

        Re: Heathrow?

        Yes it is an AGL (Airport Ground Lighting) control system from Heathrow. A little bit misleadingly labelled as NATS ATC. Although this system is the interface between Ground control and Air Traffic Control as it incorporates the runway services in addition to the taxiways. Thus ground and air teams both have access to it.

        Of course you could steer planes into each other on the ground similarly to in the air. Also similarly: as the two human (for now :-) ) captains are in charge of visually steering, with just auditory recommendation / control from the tower; there is more than adequate redundancy to prevent danger to life.

        The big danger, as has been mentioned, is the reduction in capacity - all pieces of the system from check-in to baggage handling are meticulously engineered to maximize throughput. Of course in the legally mandatory failsafe backup conditions throughput is sacrificed for safety.

        It could be wildly feasible to imagine a loss of life procedure where every possible dodgy shortcut has been taken: inexperienced pilot, poor plane maintenance, skimping on fuel load for savings, too many fat kids on their mother's knees - then the traffic control falure could perceivably lead to a fuel starved incident.

        Otherwise this may explain the lack of visibility to terrorists vs. just blowing them up in the air. Of course there should be a zero possibility and that justifies the FAA raising this issue.

        Stuart

  3. An0n C0w4rd

    Sigh.

    “Sophisticated terrorists could even steer planes into one another”

    Really? Guess the Senator has never heard of TCAS then. You could probably try to get Cessna 152 and 172s to collide (no more than 4 people on board each plane), however they go slow enough that VFR visual scanning would normally catch the collision. Every scheduled passenger flight has TCAS by FAA mandate (and CAA in the UK, etc) which prevents that exact situation from happening.

    You'd stand a better chance of CFIT (Controlled Flight Into Terrain) because there ARE some weaknesses in the prevention systems there, but you'd have to be in IFR conditions with no visibility and find a suitably steep mountain that wouldn't trigger the "Too low, terrain" warning until it's too late, at least until the GPS based terrain warning systems are available and generally used.

    1. Anonymous Coward
      Anonymous Coward

      Re: Sigh.

      The other Reg article is about hacking an airplane, and not the ATC system, but IMHO if a large airport ATC system is compromised, enough havoc can be created to put lives at risk. The likely outcome is that once controllers understand the system is not reliable, they have to switch to backup procedures, which usually can't sustain the traffic. If the hacking is performed on a larger area, even diverting planes could become difficult.

      Another scenario could be hiding some smaller plane from secondary radars, or creating fake ones. Not every piece of airspace is under a primary radar beam - MH 370 shows it well.

  4. Robert Helpmann??
    Childcatcher

    Open Up and Say Argh!

    These include weaknesses in controls intended to prevent, limit, and detect unauthorised access to computer resources, such as controls for protecting system boundaries...

    So the firewall is up and running, but is set to allow any-any? As, uh, surprising as it might be, some agencies are stuck on following the letter of the law while completely missing the intent. It doesn't help when the people writing the rules couldn't find a clue with a map. It would not surprise me to find a bit of both going on in this case.

    1. Anonymous Coward
      Anonymous Coward

      Re: Open Up and Say Argh!

      Sometimes we understand both the letter and the intent, but are stuck keeping holes open because of other problems.

      For instance, at the agency where I work there are three different critical processes that require web apps to process data (accounting, travel, and timekeeping). For whatever reason these sites are setup with SSL configurations that leave all of our systems using vulnerable versions of SSL. Last month the sys admins tried to patch it with group policy only to have to roll it back. This month MS issued a patch (actually a hot fix I think, but it was picked up by our commercial patching system as a patch to deploy) which got deployed and then rolled back.

      Yes, at least one of these apps also uses Java so we live with the constant patch nightmare for that as well.

  5. M7S

    If I was an American Citizen....

    I'd regard this as a matter of potential "national" security, certainly if there is a real vulnerability then the safety of citizens (also tourists, visitors etc, all human beings but sadly not necessarily benefitting from the protection of some US laws as they seem to be interpreted at the moment) seems to be in potential peril. Given the amount of people who hate the USA and want to create genuine terror (not the sort that in the UK treats dressing up as Batman and standing on a window ledge as being on a par with the PIRA of the '70's) then this vector of attack must be up on the baddie's "to do" list.

    It might be nice to think that if there was a government body with the sort of technical/management skills to perhaps help advise the ATC operators how to reduce or eliminate this risk (also the risk of things like power stations and other essential utilities being disrupted electronically), in the interests of general orderly management of the country, that it might do so. Some sort of "Agency" dedicated to "National Security", or somesuch.

    I seem to recall that even Machiavelli's Prince advocated "first; look to your defence".

    Now it may be that highly technical minds have determined that there is no genuine risk. I'm not sufficiently qualified to determine that, however if they're wrong, then it's a terrible indictment of their ability to correctly determine the threats from which they should be protecting people. Ultimately the only real judge will probably be history (ooh, there's a joke there, must work on that one....)

    Even so, it might be nice if such an agency could issue a reassuring note to the taxpayers funding it that their interests are being looked after in such a regard. A bit of joined up thinking in government perhaps?

    1. Tom 13

      Re: If I was an American Citizen....

      Part of the problem is that the airline industry like the rocket industry waits until technology is proven before deploying it, except for non-critical items like booking, and even that's pretty antiquated.

      I recall being contracted for Y2K audits. We were to walk around with a floppy disk that had the scanning program and another set of blank floppies to which the data would be written. We were using 3.5 floppies. Some machines still had to be bypassed because they only had 5.25 floppies. Frankly, they probably would have been better served simply upgrading all the equipment as opposed to hiring an expensive contractor to analyze their equipment. But at the end of the day, the piece of paper that says you're certified is more important than actually having the equipment.

  6. Crisp

    Didn't I see this in that documentary WarGames?

    No... wait... That was the airline booking system.

  7. Crazy Operations Guy

    Sat Network

    These systems really should be on a fully air-gapped dedicated network, not unlike SWIFTNet has with banks. I figure that a satellite network would be ideal for something like this to enable communications between airports, ATC centers, and aircraft.

    With a proper mesh set up with both satellites and ground stations, it'd be possible to create a fully redundant network and allow for entire airports / regions to go offline and air traffic can continue to operate as normal. And maybe with enough bandwidth added in, upload flight recorder and cockpit recorder data in real-time (Seems ridiculous that we can put WiFi and phone systems on a plane, but we have to fish the black box out of the wreckage to figure out what went wrong...)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like