Posted on

DEFCON hacker illustrates flight plan vulnerability

A pilot presenting during the DEFCON conference this month showed how to use fake identities to file flight plans.  As Righter Kunkel explained during the annual convention for hackers, it is easy to provide a AME with false information to obtain a student pilot medical certificate.  Armed with the medical, a person can file false flight plans with ATC.

While this is illegal, it is not going to be a problem until many flight plans are submitted.  If this is done, it can be a big problem in the form of what is called a denial of service attack.  DoS attacks are used to overwhelm the computer servers that are used to process incoming information.  In the case of the ATC’s systems, many of the computers are linked in such a way that if one goes down, it could take down the rest of them.  Radar, communication, and transponder information could all be compromised.

Kunkel explains that he, as a pilot, is trying to get this information out there to highlight the vulnerabilities of the underfunded FAA and increase awareness.

Leave a Reply

Your email address will not be published. Required fields are marked *

Why ask?