Cyber security researcher Ruben Santamarta says he has figured out how to hack the satellite communications equipment on passenger jets through their WiFi and inflight entertainment systems - a claim that, if confirmed, could prompt a review of aircraft security.
Ruben Santamarta will be giving a talk at the Black Hat conference on this topic. He apparently found vulnerabilities in the satellite communication systems used by civilian aircrafts.
In theory, a hacker could use an aircraft's IFE and/or wifi signal to access the avionics, which in turn would disrupt the communication with satellite systems and the plane's navigation.
We'll have to wait until the presentation to get a better idea of the risk, some comments found online doubting that a hack could get any further than interrupting the satellite uplink. The 787 is one plane that was designed with passenger wifi in mind from the ground up, thus evidently making it an easier target if we were to follow a logical conclusion (look at this Wired article from 2008, you'll see it's not a new line of thought). But again, this is all theoretical until we know more.
It needs to be pointed out that even without satellite access, planes carry back-up systems that allow them to continue flying without a hitch. The (weak) analogy here would be a car without GPS. The on-board wifi can also be killed by the crew.
Let's not get paranoid here, but it remains evident that this type of vulnerability coupled with an attack on providers like Iridium or Hughes (provided a vulnerability is found there) could prove more difficult to counter.
Civilian aircraft technology is supposed to pass a higher level of certification, yet:
These vulnerabilities allow remote, unauthenticated attackers to fully compromise the affected products. In certain cases no user interaction is required to exploit the vulnerability, just sending a simple SMS or specially crafted message from one ship to another ship can do it.