Security researcher Chris Roberts made headlines after an FBI report alleged he had hacked a plane mid-flight and taken over the controls — but now serious doubts are growing over the entire affair.
In an interview with a special agent earlier this year about potential vulnerabilities in in-flight software, Roberts apparently made the claim that he could hack a plane using the passenger entertainment system. These comments then came to light after Roberts was banned from United Airlines flights in a high-profile incident after tweeting about potential vulnerabilities.
A search warrant was then issued for the researcher’s devices as part of an FBI investigation — and the comments were included in the warrant, which was made public.
Here are the relevant parts of the warrant (emphasis ours):
A special Agent with the FBI interviewed Chris Roberts on February 13, 2015 and March 5, 2015 to obtain information about vulnerabilities with In Flight Entertainment (IFE) systems on aeroplanes. Chris Roberts advice that he had identified vulnerabilities with IFE systems of Boeing 737-800, 737-900, and Airbus A-320 aircraft. Chris Roberts furnished the information because he would like the vulnerabilities to be fixed.
During these conversations, Mr. Roberts stated the following:
That he had exploited vulnerabilities with IFE systems on aircraft while in flight. He compromised the IFE systems approximately 15 to 20 times during the time period 2011 through 2014…
…That he was about to exploit/gain access to, or “hack” the IFE system after he would get physical access to the IFE system through the Seat Electronic Box (SEB) installed under the passenger seat on aeroplanes…
…After remove the cover… he would use a Cat6 ethernet cable with a modified connector to connect his laptop computer to the IFE system while in flight…
…He then connected to other systems of the aeroplane network… He stated that he then overwrote code on the aeroplane’s Thurst Management Computer while aboard a flight. He stated that he successfully commanded the system he had accessed to issue the “CLB” or climb command. He then stated he thereby caused one of the aeroplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights.
In short: Roberts allegedly hacked into planes between 15 and 20 times over several years via the in-flight entertainment system using modified cables and his laptop. On one occasion, he apparently gained direct control of one of the engines, and made the plane move sideways.
However, multiple news reports are casting doubts over the claims.
First, a post by Mary Kirby on aviation industry website Runway Girl Network points out that Boeing says that entertainment systems are “isolated from flight and navigation systems” on commercial aircraft. Industry expert Peter Lemme told Kirby that “the IFE ARINC 429 interfaces are not capable of changing automatic flight control modes,” and that “the claim that the Thrust Management System mode was changed without a command from the pilot through the mode control panel, or while coupled to the Flight Management System is inconceivable.”
Industry consultant Michael Planey also told Kirby that given Roberts’ alleged method of access, the story seems suspect. “We have seen multiple instances of passengers being restrained by fellow passengers or flights diverted because a passenger is behaving abnormally. I find it nearly impossible to believe Roberts could have done this type of an act over a dozen times and never had a flight crew or fellow passenger notice — that part stretches the imagination.
“Furthermore,” Planey adds, “in the event that what he claims about monkeying with the Thrust Management System occurred, that would have been noted by the flight crew; they would have noticed the aircraft was moving not by command from the cockpit. There would have been many ways in engine monitoring and flight control management systems to detect this sort of event, and I would have expected the pilots would have written it up and there would have been an investigation. So I don’t believe what he says to be true.”
Writing for Forbes, Thomas Fox-Brewster points out further criticism. Security researcher and pilot Dr Phil Polstra previously criticised a US government report earlier this year warning of potential aircraft hacks as “irresponsible” and “deceptive.”
And Roberts himself has apparently changed his tune, now telling Fox-Brewster that his comments have been “totally taken out of context and misinterpreted.”