Security expert Ruben Santamarta claims to have found numerous security flaws in Panasonic’s Aero in-flight entertainment system.
Santamarta, who works for the security firm IOActive, suggests hackers could adjust altitude readings, alter map displays, interfere with lights, and send unauthorised messages via the planes PA system.
He told the BBC: “Security is not one of the system’s main strengths."
Panasonic has denied his claims, and said: “The allegations made to the press by IOActive regarding in-flight entertainment (IFE) systems manufactured by Panasonic Avionics Corporation (“Panasonic”) contain a number of inaccurate and misleading statements about Panasonic’s systems. These misstatements and inaccuracies call into question many of the assertions made by IOActive.
“Most notably, IOActive has chosen to make highly misleading and inflammatory statements suggesting that hackers could “theoretically” gain access to flight controls by hacking into Panasonic’s IFE systems. Panasonic strenuously disagrees with any suggestion by IOActive that such an attack is possible, and calls upon IOActive to clarify that its research does not support any such inference.”
Aero in-flight systems are used by a number of major airlines such as KLM, Air France, American Airlines and Virgin Emirates.
Panasonic has also denied the possibility hackers could gain control of a plane using its in-flight entertainment system. Santamarta agrees with this, but still warns the system is vulnerable to attacks.
Santamarta began observing Panasonic’s system two years ago. Whilst doing this, he claims his online searches in regards to Aero unearthed data and code which enabled him to “compromise the entire system.”