(New Scientist) A commercial pilot with a knack for hacking has built a smartphone app he claims can hijack the air-to-ground messaging system used in aircraft cockpits. But the European Aviation Safety Agency (EASA) and US Federal Aviation Administration have been quick to dismiss the work, saying that he only hacked into a PC-based training simulator rather than the “protected” technology on real flight decks.
At issue is a talk by engineer and pilot Hugo Teso of N.runs, a German security systems company, at the Hack In The Box conference in Amsterdam, the Netherlands, this week. Teso outlined how his app, PlaneSploit, running on an Android smartphone, could inject messages into a flight deck’s Aircraft Communications Addressing and Reporting System. ACARS allows simple text messages to be exchanged between air traffic control and pilots over VHF radio, and is also used to send aircraft and engine diagnostic data to airlines.