Pilot and security consultant Hugo Teso warns terrorists could take control of planes using smartphones
A German security consultant has warned that criminals and terrorists could hijack a modern commercial airplane using just an Android smartphone.
Speaking at the Hack in the Box security summit, currently taking place in Amsterdam, Hugo Teso said that he had spent the last three years developing an application called SIMON.
The app is a framework of malicious code that could be used to hack into an airline security software, according to Teso. It is controlled by an Android app he calls PlaneSploit.
Teso, who himself is a qualified commercial airline pilot, demonstrated how the app could change the speed, altitude, and direction of an airplane in an flight simulator. He said the simulator accurately reflected the systems in place on many aircraft.
He said that current security systems simply aren't strong enough to make sure the commands are coming from a legitimate source.
"You can use this system to modify approximately everything related to the navigation of the plane," Teso told Forbes. "That includes a lot of nasty things."
According to him, the tools could be used to change information on a pilot's display or turn the lights on or off in the cockpit. He added that the app could even take control of the airplane using simple commands like "Please Go Here" or more worryingly "Visit Ground".
Teso stressed that SIMON has been developed in such a way that it will only work in virtual environments, and not on actual aircraft. Yet he warned that it wouldn't take much more effort to turn it into an app that could take over real aircraft.
He said the reason for the demonstration was to raise awareness amongst airlines of the risks posed by not adequately protecting online systems from hacking.