|
查看原文
As the search for the missing Malaysia Airlines Flight MH370 continues, investigators have come across some startling evidence that the plane could have been hijacked using a mobile phone or even a USB stick. The theory comes from a British anti-terrorism expert who says cyber terrorists could have used a series of “codes” to hack the plane’s in-flight entertainment system and infiltrate the security software.
According to Sally Leivesley, a former scientific adviser to the UK’s Home Office, the Boeing 777’s speed, direction and altitude could have been changed using radio signals sent from a small device. The theory comes after investigators determined that someone with knowledge of the plane’s system intentionally flew the jet off course.
“It might well be the world’s first cyber hijack,” Leivesley told the U.K.’s Sunday Express. “This is a very early version of what I would call a smart plane, a fly-by-wire aircraft controlled by electronic signals.”
Leivesley said that the evidence increasingly indicates that someone took over the plane’s controls “in a deceptive manner” and overwhelmed the plane’s system either remotely or from a seat on the plane.
“There appears to be an element of planning from someone with a very sophisticated systems engineering understanding,” she said. “When the plane is air-side, you can insert a set of commands and codes that may initiate, on signal, a set of processes.”
Investigators have also proposed that the pilots themselves could have switched the plane’s communication equipment off and redirected the plane west, but officials say it would have been very difficult for them to make the plane disappear from radar. Commercial aviation pilots who spoke with NPR said shutting down the system, which is designed to automatically communicate with ground control stations, is far more complicated than throwing a single switch.
“They said you'd have to go through big checklists, you'd have to possibly pull circuit breakers if you wanted to deactivate [all the communications equipment],” NPR’s Geoff Brumfiel told “All Things Considered” host Robert Siegel. “So, to do this, you'd have to have some degree of premeditation and a lot of knowledge of the aircraft.”
Further evidence supporting the cyber hijack theory comes from the fact that Boeing had previously expressed concern over the security of the plane’s systems, and had even contacted the U.S. Federal Aviation Administration for permission to change some of the onboard equipment. In August 2012, Boeing applied to have additional security installed aboard several of its 777 series aircraft.
Boeing was concerned that the aircrafts’ inflight entertainment system, which includes USB connections, could allow hackers to access a plane’s computer. The Federal Aviation Administration granted Boeing permission to change its inflight systems five months ago.
"The integrated network configurations in the Boeing Model 777-200, -300, and -300ER series airplanes may enable increased connectivity with external network sources and will have more interconnected networks and systems, such as passenger entertainment and information services than previous airplane models,” the U.S. Federal Register stated in a Nov. 2013 report. “This may enable the exploitation of network security vulnerabilities and increased risks potentially resulting in unsafe conditions for the airplanes and occupants."
Last year, a Spanish researcher showed it was possible to hack a plane using a mobile phone. According to WTOP, during a presentation in April 2013 at the Hack-In-The-Box security summit in Amsterdam, Hugo Teso allegedly proved that with an Android smartphone, a specific “attack code” and an Android app called PlaneSploit, he could hijack both a plane’s system as well as the pilot’s display.
The FAA quickly denied Teso’s assertion that he could remotely commandeer a plane.
"The described technique cannot engage or control the aircraft's autopilot system using the FMS or prevent a pilot from overriding the autopilot," the FAA said in a statement following Teso’s demonstration. "Therefore, a hacker cannot obtain 'full control of an aircraft' as the technology consultant has claimed."
|
查看譯文
馬航失聯(lián)客機(jī)MH370的搜救工作仍在繼續(xù),與此同時����,調(diào)查人員驚訝地發(fā)現(xiàn),飛機(jī)可能是被手機(jī)甚至USB設(shè)備劫持����。該理論來自一位英國反恐專家�����,說網(wǎng)絡(luò)恐怖分子可能使用了一連串“代碼”侵入機(jī)上的飛行娛樂系統(tǒng)���,并滲透到安全防護(hù)軟件中。
英國內(nèi)政部(Home Office)前科學(xué)顧問薩利·李維斯利(Sally Leivesley)表示�����,一個小設(shè)備發(fā)出的無線電訊號改變了波音777飛行速度���、航向和高度����。在調(diào)查人員發(fā)現(xiàn)是有了解飛行系統(tǒng)運(yùn)作的人故意使飛機(jī)偏離航道后��,她提出了這個“網(wǎng)絡(luò)劫機(jī)”的說法���。
“這可能是世界首例網(wǎng)絡(luò)劫機(jī)事件,”李維斯利在接受英國《周日快報》(Sunday Express)采訪時說道����。“我更愿意將其稱之為智能飛機(jī)的雛形,由通過電子信號操控的遙控式飛機(jī)���?����!?/p>
李維斯利稱����,越來越多的證據(jù)表明�����,有人“以欺騙的方式”接管了飛機(jī)�����,遠(yuǎn)程或者就在飛機(jī)上操控著飛機(jī)系統(tǒng)����。
她說:“似乎有一位非常通曉系統(tǒng)工程的人在參與此事,飛機(jī)在控制區(qū)時�����,可以插入一套指令和代碼,發(fā)出信號啟動一組進(jìn)程�����?��!?/p>
調(diào)查人員之前也曾指出�,可能是飛行員人為關(guān)閉飛機(jī)通訊設(shè)備���,再駕駛飛機(jī)西行�,但官方回應(yīng)稱即使那樣�����,也很難使飛機(jī)避開雷達(dá)監(jiān)測��。商業(yè)航空飛行員在接受美國國家公共電臺(NPR)采訪時表示�����,飛機(jī)系統(tǒng)可以自動與地面控制臺取得聯(lián)系��,關(guān)閉系統(tǒng)不是像關(guān)閉一個開關(guān)那么簡單�����。
“他們說要關(guān)閉(所有通信設(shè)備)����,得完成許多操作步驟,可能得拉下斷路器開關(guān)����。”NPR的杰夫·姆菲爾(Geoff Brumfiel)對《All Things Considered》節(jié)目主持人羅伯特·西格爾(Robert Siegel)說道����。“這樣的話����,得事先經(jīng)過一些策劃,并精通飛機(jī)原理��?����!?/p>
此前波音公司曾表示波音飛機(jī)系統(tǒng)可能存在安全隱患���,并向美國聯(lián)邦航空管理局申請更換部分機(jī)載設(shè)備�,這進(jìn)一步驗(yàn)證了“網(wǎng)絡(luò)劫機(jī)”的可能性。2012年8月��,波音公司在其部分777型飛機(jī)上加強(qiáng)了安保系統(tǒng)�。
波音公司曾擔(dān)心,機(jī)上的飛行娛樂系統(tǒng)帶有USB接口�,黑客可能會趁此侵入飛機(jī)的電腦系統(tǒng)。5個月前�����,聯(lián)邦航空管理局同意波音公司更換飛行系統(tǒng)����。
美國聯(lián)邦公報在2013年11月的一份報告指出,“與先前的機(jī)型相比�����,波音777-200, -300型飛機(jī)的整體網(wǎng)絡(luò)配置可能會加強(qiáng)與外部網(wǎng)絡(luò)源的連通性��,有更多的互聯(lián)網(wǎng)和系統(tǒng)���,如乘客娛樂和信息服務(wù)�。同時這可能產(chǎn)生網(wǎng)絡(luò)安全漏洞,增加風(fēng)險�,導(dǎo)致對飛機(jī)和機(jī)內(nèi)人員不利的狀況?!?/p>
2013年�,一位西班牙研究員指出,通過手機(jī)劫持飛機(jī)是可能的�。據(jù)華盛頓WTOP電臺消息,2013年4月阿姆斯特丹HITB安全峰會上的一塊講演中�,雨果·特索(Hugo Teso)據(jù)稱能夠通過一部安卓智能手機(jī),一串特殊的“攻擊代碼”����,和一款PlaneSploit應(yīng)用,就能侵入一架飛機(jī)的系統(tǒng)以及飛行員的顯示器��。
聯(lián)邦航空管理局很快否定了特索能遠(yuǎn)程控制飛機(jī)的說法����。
“特索提出的方法不能侵入或控制飛機(jī)的自動駕駛系統(tǒng)(采用的是飛行管理系統(tǒng)),也不能阻礙飛行員控制自動駕駛儀�����?���!癋AA在隨后的一份聲明中說道�����,”因此�,黑客無法做到像這位技術(shù)顧問聲稱的‘完全控制飛機(jī)’�。”
(譯者 胡夢君 編輯 丹妮)
|
