Next-generation aircraft ID systems are vulnerable to hacking

The U.S Government Accountability Office (GAO) submitted a report to the U.S Congress that pointed out that there are still unresolved cyber-security issues in the U.S. “broadcast automatic related surveillance” technology (ADS-B Out) the Hostile States and unauthorized individuals and organizations may use real-time data broadcast by military aircraft (in flight) to perform a variety of malicious activities.

GAO did not provide details. As part of the Federal Aviation Administration’s (FAA) Next-Generation Air Systems modernization program, the ADS-B Out system is designed to make it easier for third parties to access data to track and determine the condition of an aircraft without having to maintain a private database.

ADS-B Out: Automatic broadcast-related monitoring

Automatic acquisition of parameters from relevant airborne equipment without manual intervention or interrogation Placement of aircraft information such as position, altitude, speed, heading, identification number, etc., for the aircraft to monitor.

 

ADS-B system features

The FAA hopes to modernize ground-based radar systems using the Satellite-based system via ADS-B, enabling automatic reporting of aircraft positions, automatic navigation, and digital communications.

The ADS-B provides accurate position information for both high-altitude and airport-parked aircraft. It covers a wider area than traditional radars, helping to reduce the risk of collisions, providing pilots with real-time alerts and providing more accurate location information during inclement weather. The FAA requires that all aircraft in the U.S. airspace be equipped with ADS-B by January 2020 and that military aircraft be no exception. The DOD and other federal agencies have been very concerned about this technology for years.

GAO said that with the help of existing technology, the public can access the aircraft’s International Civil Aviation Organization (ICAO) addresses (including aircraft models, codes such as aircraft’s 24-digit electronic identification code), answering machines or “calling” codes and heights to track certain aircraft. ADS-B made these flight data available in a timely manner for military aircraft, but some of the data were confidential for some aircraft.

What security risks may be brought?

According to the report, foreign intelligence agencies, terrorists, and criminals may identify and track the aircraft through existing technologies. The FAA fears that switching to a radar system will cause problems when it switches to ADS-B. The U.S. military is concerned that the military aircraft’s broadcast information is vulnerable to cyber-attacks and that the operation of the military aircraft by the state, individuals, and organizations may occur.

Extensive assessments by the U.S. Department of Defense (DOD) and the Federal Aviation Administration confirmed that there is a security risk in ADS-B Out technology that could expose aircraft, tactical air traffic control systems, and FAA radars to countries, individuals or organizations Launched electronic warfare, cyber attacks and other types of interference activities.

So far, the FAA and the U.S. Department of Defense have been focusing on the installation of equipment and have not yet solved their security problems with military aircraft. The U.S. Defense Department advises shielding military identifiers, allowing military aircraft pilots to turn off ADS-B and other solutions. So far, the United States Department of Defense and the Federal Aviation Administration have not approved any mitigation.