http://www.theaustralian.news.com.au/story/0,20867,19378061-23349,00.html Steve Creedy Aviation writer June 06, 2006 HACKERS armed with little more than a laptop computer could conjure up phantom planes on the screens of Australia's air traffic controllers using new radar technology, Dick Smith haswarned. The prominent businessman and aviator claims to have found another security flaw in the new software being introduced in the air traffic control system. He has challenged Transport Minister Warren Truss to allow him to set up a demonstration of the problem at a test of the technology in Queensland to show how hackers could exploit the automatic dependent surveillance broadcasting (ASD-B) system to create false readings on an air traffic controller's screen. The air space activist says he had been told of the flaw by staff at the US Federal Aviation Administration. "FAA officials have become aware that an electronics boffin, using a second-hand or 'borrowed' transponder from a small (general aviation) aircraft connected to a $5 data lead, a $5 aerial and a laptop computer, can create 10, 20 or even 50 false aircraft on an air traffic controller's screen," Mr Smith says in a letter to Mr Truss. "This will create total chaos in the air traffic control system." Australia is at the forefront of ASD-B, which uses the global positioning system and aircraft avionics to automatically broadcast information about a plane's position, speed and direction. Authorities are poised to introduce the system for high-level airspace, but are yet to make a decision on whether to use it at lower altitudes. The US is also rolling out ASD-B. The technology has been enthusiastically endorsed by senior executives of the aviation administration and the airline industry. But Mr Smith, who is campaigning against the scheme and has raised safety and security concerns about the design, said the system had no way of verifying whether a plane was where it claimed to be or if it existed at all. He said the FAA was looking at ways of encrypting signals or setting up multiple ground stations at each location to allow the traffic controllers to determine whether a signal came from a moving aircraft. This would significantly increase the cost of ADS-B. "As we all know, criminals create viruses for computer networks which have cost the world hundreds of millions of dollars," Mr Smith said. "Exactly the same people are likely to create spoofing for the air traffic control system." A spokeswoman for Mr Truss said yesterday the minister had received a lot of correspondence from Mr Smith on ADS-B. "This recent letter is being considered and we will be writing back formally to him," she said. "Mr Smith did meet the minister in the past few weeks and we would point out that no decision about ADS-B has been made, nor is a decision imminent." _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jun 06 2006 - 22:43:08 PDT