The Government Accountability Office (GAO) has published a report that criticises the Federal Aviation Administration (FAA) for not sufficiently guarding against the most significant cybersecurity threats. The report found that commercial airliners are vulnerable to terrorist attacks through the in-flight wifi.
Concerns have been raised recently as the airline industry begins to implement a new air traffic control system that will increase passengers’ ability to use internet-connected devices on board.
This new system, called the Next Generation Air Transportation System, will see all aspects of the flight connected under one cloud. This includes aircraft and traffic control, navigation systems, incident detection and response systems. The GAO claims that an aircraft’s controls could be infiltrated through this new system if someone using the in-flight wifi subverted the firewall.
According to the GAO, the FAA does not currently have a cybersecurity threat model in place.