The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) warned in a July 30 alert that network protocols of aircraft can make them vulnerable to data manipulation.
CISA’s alert said that attackers can exploit CAN bus networks within planes when they have unsupervised physical access to aircraft. In that case, CISA added, attackers could attach a device to an avionics CAN bus to inject false data into the network.
Rapid7 researchers found the potential vulnerabilities, which CISA outlined in the alert.
“The researchers have outlined that engine telemetry readings, compass and altitude data, altitude, airspeeds, and angle of attack could all be manipulated to provide false measurements to the pilot,” CISA said. “The researchers have further outlined that a pilot relying on instrument readings would be unable to distinguish between false and legitimate readings, which could result in loss of control of the affected aircraft.”
To strengthen protections, CISA said plane owners should restrict access to their aircraft, and manufacturers should review their CAN bus network implementation to help mitigate the vulnerability.
“The automotive industry has made advancements in implementing safeguards that hinder similar physical attacks to CAN bus systems,” CISA added. “Safeguards such as CAN bus-specific filtering, whitelisting, and segregation should also be evaluated by aircraft manufacturers.”