Thursday, June 20, 2024

Radio Tech Used to Hack Everything From Airplanes to Defibrillators

Earlier this year an experienced team of researchers at Northeastern University’s Khoury College of Computer Sciences in Boston proved that an airliner’s complex radio-navigation system can be hacked by a $600 software-defined radio.

The SDR (Software-defined radio), which is available commercially, was used to spoof the radio signals from a plane’s instrument landing system (ILS). This was not the first time software-defined radios were used to demonstrate a system’s vulnerability to hacking.

In 2014 researchers from Trend Micro used SDRs to generate a range of fake messages ranging from phony SOS distress signals to false collision warnings on the Automated Identification System used by ocean-bound vessels.

It is not only SDRs that can be utilized in large-scale hacking attempts as even your most basic HAM radio has capabilities that will appeal to any hacker with dubious intentions.

The good, the bad and the ugly of HAM radio

The somewhat unfashionable reputation that HAM radio enjoys is, for the most part, completely undeserved as the humble HAM can serve as an important tool across various industries.

Apart from being kept up to date with regards to local emergencies and natural disasters, HAM radio will also require you to become suitably qualified, allowing you to add to your existing skillset.

While HAM-hobbyists and computer programmers have long been aware of the many uses of amateur radios, hackers are also making use of Ham radio technology, but unfortunately for less-than-honorable purposes.

While no HAM radio was manufactured with the intent to cause disorder when in the wrong hands it can be used to facilitate great devastation.

AX25, Packer Radio, and Mesh Networking are a hacker’s dream-come-true

Although everyone who is remotely technically-minded is familiar with TCP/IP, not everyone may be equally as versed as far as the AX25 protocol is concerned. AX25 is a data link layer protocol that has been supported by the Linux kernel for nearly a decade already.

When utilizing AX25 in conjunction with a HAM radio you can create a conventional computer network without having to rely on any wired connections as all links will take place over the air.

A HAM operator can therefore quite easily, without anything but his trusted radio and a basic laptop, access the internet from even the most remote locations imaginable. The almost-limitless hacking possibilities associated with these remote connections are undoubtedly something that will get any hacker’s blood pumping.

The future of radio-related hacking is harrowing

As if the fact that SDRs can effectively take over complex airline systems is not concerning enough, the same technology has also been proven to hack ultra-modern cranes and even of implanted cardio defibrillators. 

The Trend Micro team found that remote controls manufactured by as many as 7 vendors and that is used to move industrial equipment such as cranes, can easily be manipulated by an SDR.

These remotes were, in fact, deemed a lot more likely to be compromised than a standard, cheap garage remote. Despite constant headway being made in terms of creating systems that can thwart hacking attempts, hackers are revolutionizing their own technology at an even faster speed.

Hacking has been a part of our technology-driven society for countless years and will undoubtedly continue to wreak havoc in the various industries of the world for many years to come.

While not all hackers make use of radios in their efforts, the power of a simple amateur radio when in the wrong hands must never be underestimated.


Latest articles

1inch partners with Blockaid to enhance Web3 security through the 1inch Shield

1inch, a leading DeFi aggregator that provides advanced security solutions to users across the...

Hackers Exploit Progressive Web Apps to Steal Passwords

In a concerning development for cybersecurity, hackers are increasingly leveraging Progressive Web Apps (PWAs)...

INE Security: Optimizing Teams for AI and Cybersecurity

2024 is rapidly shaping up to be a defining year in generative AI. While...

Threat Actor Claims Breach of Jollibee Fast-Food Gaint

A threat actor has claimed responsibility for breaching the systems of Jollibee Foods Corporation,...

Threat Actors Claiming Breach of Accenture Employee Data

Threat actors have claimed responsibility for a significant data breach involving Accenture, one of...

Diamorphine Rootkit Exploiting Linux Systems In The Wild

Threat actors exploit Linux systems because they are prevalent in organizations that host servers,...

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards...

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles