Skip to main content

Banned security expert hacked into airplane systems, says the FBI

fbi say banned hacker actually commandeered a plane united airlines
Image used with permission by copyright holder
Last month we reported on the case of professional security expert Chris Roberts, apparently banned from United Airlines and questioned by police for several hours over a tweet discussing his flight’s on-board systems. A warrant published online suggests Roberts actually went way beyond just tweeting about accessing the aircraft’s controls.

As Wired reports, the FBI claims in the warrant that Roberts used a cable to hack into a plane’s computer systems and even deviated its course slightly while it was in midair. It’s not clear whether this happened on the same flight that led to Roberts being detained; the conversations are from several separate interviews between the hacker and the FBI.

For his part, Roberts has always said that his intentions are to highlight flaws in airline systems before someone can use them for nefarious purposes. When speaking to Wired, he wasn’t able to confirm or deny the claim that he logged into the flight controls, but he did say “there is context that is obviously missing which obviously I can’t say anything about.”

“[Roberts] stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI special agent Mark Hurley explained in the warrant application. “He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.”

Roberts has been investigating the security of aircraft networks for a number of years and has had several conversations with airlines, hardware vendors and the FBI in that time. It would seem on this occasion he’s overstepped the line between well-intentioned research and putting the safety of passengers at risk. “Over [the] last five years my only interest has been to improve aircraft security … given the current situation I’ve been advised against saying much,” Roberts tweeted over the weekend.

David Nield
Former Digital Trends Contributor
Dave is a freelance journalist from Manchester in the north-west of England. He's been writing about technology since the…
Apple’s security trumps Microsoft and Twitter’s, say feds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Apple has long held a reputation for rock-solid security, and now the U.S. government seemingly agrees after praising the company for its security procedures. At the same time, the feds have suggested Microsoft and Twitter need to pull their socks up and make their products much more secure for their users, according to CNBC.

In a speech given at Carnegie Mellon University, Cybersecurity and Infrastructure Security Agency Director Jen Easterly pointed to Apple as a company that took security and accountability seriously, and suggested other companies should take note.

Read more
LastPass reveals how it got hacked — and it’s not good news
A depiction of a hacker breaking into a system via the use of code.

Last year was a particularly bad one for password manager LastPass, as a series of hacking incidents revealed some serious weaknesses in its supposedly rock-solid security. Now, we know exactly how those attacks went down -- and the facts are pretty breathtaking.

It all began in August 2022, when LastPass revealed that a threat actor had stolen the app’s source code. In a second, subsequent attack, the hacker combined this data with information found in a separate data breach, then exploited a weakness in a remote-access app used by LastPass employees. That allowed them to install a keylogger onto the computer of a senior engineer at the company.

Read more
Using LastPass? You need to switch urgently, says security firm
A dark mystery hand typing on a laptop computer at night.

It’s a good idea to use one of the best password managers to keep your logins safe, but now a security company is warning that one of the most popular password managers in the world is not safe to use.

The extraordinary claim comes from Intego, a firm that specializes in Mac security. Intego made its assertion based on a series of security breaches LastPass has suffered in recent months, the way LastPass has responded to those incidents, and the underlying technology LastPass uses to protect customer accounts.

Read more