Recent headlines tell us that “Feds Say That Banned Researcher [Chris Roberts] Commandeered a Plane.” As always, there is more to the story: there are claims and counter-claims about what Chris Roberts actually did. The FBI search warrant says he did send control commands that affected the flight path of the aircraft, but this is currently unproven. The whole incident brings into focus the issue of what is called lateral movement – can someone with access to, for example, the inflight entertainment system of an aircraft use that toehold to reach further into the network to do actual harm?
Once, aircraft control machinery was effectively offline, not connected to any outside networks. But, as we’ve seen in recent coverage (including the loss of Malaysia Airlines Flight 17), aircraft are much more interconnected than they used to be. They connect to the outside world in several different ways, ranging from satellite-based networks for flight telemetry to networks used to provide Internet access from passenger seats. As these networks proliferate, they inevitably touch, and any touch point is something an attacker can use. The number of possible weak points multiplies over time.
The questions raised by this story are the current frontier of security, and apply well beyond aircraft. We rely more and more on networks that we cannot easily see or understand. Defects in one network can open up access to another. Attacks can work upwards like grass through cement, finding weak points and cracking hard defenses. What all defenders need to learn is to use technology to monitor technology. As our networks grow larger than we can understand, human effort and goodwill are not enough. This is why the current emphasis in security is on automated testing of defenses. We look for lateral movement opportunities, so we can isolate the truly critical things – say an aircraft’s control network – from the far less important, such as the inflight entertainment systems.
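
The kind of automated check described above can be sketched as a reachability audit over a model of which network zones are allowed to talk to each other. This is an added example, not from the original article; the zone names and allowed flows are hypothetical and constructed for illustration, not a description of any real aircraft.

```python
from collections import deque

# Constructed model (assumption): zone names and allowed flows are hypothetical,
# not taken from any real aircraft or from the original article.
ALLOWED_FLOWS = {
    "passenger_wifi": ["inflight_entertainment"],
    "inflight_entertainment": ["cabin_services", "satcom_gateway"],
    "cabin_services": ["maintenance_bus"],
    "satcom_gateway": ["telemetry"],
    "maintenance_bus": ["flight_control"],
}
UNTRUSTED = {"passenger_wifi", "inflight_entertainment"}
CRITICAL = {"flight_control"}

def shortest_path(flows, start, goal):
    """Breadth-first search: shortest chain of zones from start to goal, or None."""
    parent, queue = {start: None}, deque([start])
    while queue:
        zone = queue.popleft()
        if zone == goal:
            path = [zone]
            while parent[path[-1]] is not None:
                path.append(parent[path[-1]])
            return path[::-1]
        for nxt in flows.get(zone, []):
            if nxt not in parent:  # first visit is the shortest route
                parent[nxt] = zone
                queue.append(nxt)
    return None

def lateral_paths(flows, untrusted, critical):
    """Map (untrusted, critical) pairs to the shortest path between them, if any."""
    pairs = ((s, d) for s in sorted(untrusted) for d in sorted(critical))
    paths = {p: shortest_path(flows, *p) for p in pairs}
    return {p: path for p, path in paths.items() if path}

def isolating_flows(flows, untrusted, critical):
    """Single allowed flows whose removal leaves no untrusted-to-critical path."""
    fixes = []
    for src, dsts in flows.items():
        for dst in dsts:
            trimmed = {z: [d for d in ds if (z, d) != (src, dst)]
                       for z, ds in flows.items()}
            if not lateral_paths(trimmed, untrusted, critical):
                fixes.append((src, dst))
    return fixes

if __name__ == "__main__":
    print(lateral_paths(ALLOWED_FLOWS, UNTRUSTED, CRITICAL))
    print(isolating_flows(ALLOWED_FLOWS, UNTRUSTED, CRITICAL))
```

Run against a real inventory of firewall rules and routing, an empty result from `lateral_paths` is the property to enforce, and `isolating_flows` points at the touch points worth removing first.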