ICIT CERTIFIED: In this paper, the researchers at IOActive, an ICIT Fellow Circle Member, offer three real-world scenarios involving serious vulnerabilities that affect the aviation, maritime, and military industries. It has been reviewed by ICIT researchers and is certified as an educational document. ICIT encourages stakeholders to read this paper and distribute it widely to share its contents.
This research comprehensively details three real-world scenarios involving serious vulnerabilities that affect the aviation, maritime, and military industries. The vulnerabilities include backdoors, insecure protocols, and network misconfigurations. This white paper elaborates the approach and technical details of these vulnerabilities, which could allow remote attackers, originated from the Internet, to take control of:
• Airborne SATCOM equipment on in-flight commercial aircrafts
• Earth Stations on Vessels, including Antennas
• Earth Stations used by the US Military in conflict zones
Hundreds of commercial airplanes from airlines such as Southwest, Norwegian, and Icelandair were found to be affected by these issues. Today, it is still possible to find vessels that are exposed to the Internet, leaving them vulnerable to malicious attacks. Also, we are providing the evidences to demonstrate that Internet of Things (IoT) malware was found actively trying to exploit exposed aircraft, as well as vessels that were already infected.
A numerical analysis of the potential Radio-Frequency (RF) hazards derived from vulnerable SATCOM devices is also provided. These results will be compared with the
High Intensity Radiated Fields (HIRF) regulations used in the aviation and maritime industry, demonstrating cyber-physical attacks with impacts on satellites and safety
implications for vessels and ships.
Finally, the responsible disclosure process that occurred in such a sensitive and complex scenario will be covered in detail.