1. Computing

Researchers find way to hack Panasonic’s in-flight entertainment systems

Brad Jones
By

researchers hack panasonic in flight avionics
Panasonic Avionics
Researchers working for the cybersecurity consultancy group IOActive discovered some troubling vulnerabilities in Panasonic Avionics’ in-flight entertainment systems. The company’s avionics subsidiary supplies hardware to 13 different airlines: Aerolineas Argentinas, Air France, American Airlines, Emirates, Etihad Airways, Finnair, Iberia, KLM, Qatar Airways, Scandinavian Airlines, Singapore Airlines, United Airlines, and Virgin America.

“I discovered I could access debug codes directly from a Panasonic in-flight display,” IOActive’s Ruben Santamarta said in a statement. “A subsequent internet search allowed me to discover hundreds of publicly available firmware updates for multiple major airlines, which was quite alarming.”

Santamarta performed further analysis in an attempt to find out what hackers could accomplish by interfering with an avionics device. He found it was possible to manipulate what was being displayed on the screen, to send out fake announcements over the PA system, and to control cabin lights and the reclining seats in the first-class section of the plane. There was also evidence that credit card details belonging to frequent flyers and VIP members could be stolen in this manner.

However, all of these attacks would pale in comparison to the potential for criminals to take control of the aircraft itself. Fortunately, this is impossible in most circumstances, according to a report from Tech Spot.

Most airlines keep the aircraft control domain physically isolated from the passenger entertainment domain, which means that there is no way to use in-flight entertainment hardware to interfere with the vessel’s controls. However, Santamarta states this is not always the case and urges airlines to be “incredibly vigilant” about this kind of threat.

IOActive reported these security flaws to Panasonic in March 2015 and has waited until now to release the information to the public so that the company would have time to make improvements. This is not the first time that the consultancy firm has shed light on a potential security breach — it played a key role in publicizing the high-profile Jeep hacking risk that led to a major recall in 2015.

Editors' Recommendations

5G apocalypse is here as major airlines suspend U.S. flights

An aircraft landing at an airport at dusk.

Airlines continue to fear new 5G service will cause flight chaos

An airplane coming into land.

Chicory: A Colorful Tale, Omori, and more indies coming to Switch

chicory's main character paints the world.

Mars helicopter Ingenuity is reuniting with Perseverance rover

NASA's Ingenuity Mars Helicopter acquired this image using its navigation camera. This camera is mounted in the helicopter's fuselage and pointed directly downward to track the ground during flight. This image was acquired on Oct. 24, 2021 (Sol 241 of the Perseverance rover mission) at the local mean solar time of 12:34:15.

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

How to customize a Samsung phone’s notification sounds

A closer look at the Google Pixel 6 camera array.

Best Apple deals and sales for January 2022

dell xps 15 vs macbook pro 16 apple ry 14 1200x9999

Slimmed-down Suunto 5 Peak boasts up to 100 hours of battery life

Man timing his run with Suunto 5 Peak.

Lego Star Wars: Skywalker Saga gets release date

Promotional art of Lego Star Wars The Skywalker Saga.

Is a smart safe necessary?

trova, smart safe

How to add your COVID-19 vaccine card to Apple Wallet

Covid-19 vaccine card and iPhone wallet card.

This Amazon Fire tablet deal is cheaper than a steak dinner

Fire 7 tablet, 7 display, 16 GB, latest model (2019 release), Plum

Best Android tablet deals for January 2022

onn. Android Tablet