Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Cybersecurity NewsPorts: Sea, Land, & Air

Researcher Says Planes Can Be Hacked Remotely with Android App

April 15, 2013

A security researcher and trained commercial pilot says that an Android app can be used, at least theoretically, to hack a plane.

That includes potentially gaining information about an aircraft's onboard computer, changing the intended destination, flashing interior lights, delivering spoofed malicious messages that affect the behavior of the plane, and, just maybe, if pilots don't manage to turn off autopilot and/or have difficulty with manual flight operation, crashing the plane.

These are theoretical exploits demonstrated by Hugo Teso, a security consultant at n.runs AG in Germany, who gave a talk about his research at the Hack in the Box conference in Amsterdam last week.

Teso said he conducted his research on aircraft hardware and software he acquired from various places, including equipment from vendors offering simulation tools that use actual aircraft code and from eBay, where he found a flight management system (FMS) manufactured by Honeywell and a Teledyne Aircraft Communications Addressing and Reporting System (ACARS) aircraft management unit, according to Network World.

Teso created two tools to exploit vulnerabilities in new aircraft management and communication technologies:

  • An exploit framework named SIMON, and
  • An Android app named, appropriately enough, PlaneSploit, which delivers attack messages to the airplanes' FMSes.

The two vulnerable technologies Teso exploited with these tools include the e Automatic Dependent Surveillance-Broadcast (ADS-B) (this surveillance technology, used for tracking aircraft, will be required by the majority of aircraft operating in US airspace by Jan. 1, 2020), and the Aircraft Communications Addressing and Reporting System (ACARS), a protocol for exchange of short, relatively simple messages between aircraft and ground stations via radio or satellite that also automatically delivers information about each flight phase to air traffic controllers.

According to Help Net Security, Teso abused these "massively insecure" technologies, using the ADS-B to select targets.

Using the Flightradar24 flight tracker - a publicly available tool that shows air traffic in real time - Teso's PlaneSploit Android app allows the user to tap on any plane found within range - range that would be limited, outside of a virtual testing environment, to antenna use, among other things.

Honeywell spokesman Scott Sayres said that his company is already working with N.Runs to review Teso's research, but downplayed the real-world implications,said Information Week. "If we talk very generically -- not just about Honeywell software -- PC FMS software is normally available as an online pilot training aid," Sayres said via phone. "In other words, what Teso did was hack a PC-based training version of FMS that's used to simulate the flight environment, not the actual certified flight software installed on an aircraft."

KEYWORDS: airplane security cyber security hacking

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Top Cybersecurity Leaders
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Career Intelligence
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Trophy and soccer ball

Security Experts Discuss Threats to FIFA World Cup 2026

Soccer stadium

How the Current Iran-US Conflict May Impact World Cup Security

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Neighborhood

Residential AI Data Centers: Security, Privacy, and Governance Concerns

Officers at an event

The 2026 FIFA World Cup Will Test Security Operations Like Never Before

SEC 2026 Benchmark Banner

Events

July 8, 2026

The 2026 Security Maturity Benchmark Report: Insights From Senior Security Leaders

LIVE: July 8, 2026 at 2 pm EDT In this webinar, speakers will share key insights from the report, including why today’s threat environment demands greater maturity and how to evaluate your organization’s current security posture.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • Security Expert Says a Tesla Can Be Hacked in 30 Seconds

    See More
  • election

    MIT Researchers: Voatz, Voting App, Can Be Hacked

    See More
  • password1-900px.jpg

    Website Reveals if Your Password Can be Easily Hacked

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing