Less than a week after a security researcher was barred from boarding a California-bound flight after he tweeted a joke about being able to break into a plane's network, the FBI and TSA issued a warning for airlines of the possibility of Wi-Fi hacking.
"Although the media claims remain theoretical and unproven, the media publicity associated with these statements may encourage actors to use the described intrusion methods," InfraGuard, private partnership with the FBI, said in an alert, according to Wired. "Attempting to gain unauthorized access to the onboard networks of a commercial aircraft violates federal law."
Chris Roberts, attempted to board a United flight from Colorado to San Francisco to speak at a major security conference this week, but was stopped by the airline's corporate security at the gate Saturday.
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)— Chris Roberts (@Sidragon1) April 15, 2015
Roberts, who founded an organization that tries to discover security risks before they're exploited, had been removed from an earlier United flight Wednesday by the FBI after landing in Syracuse, New York, and was questioned for four hours after jokingly suggesting on Twitter he could get the oxygen masks on the plane to deploy. Authorities also seized Roberts' laptop and other electronics, although his lawyer said he hasn't seen a search warrant.
Bye bye electronics, all encrypted....and all now in custody/seized pic.twitter.com/a5o6rYTbZ0— Chris Roberts (@Sidragon1) April 16, 2015
Roberts' tweet was on response to a Government Accountability Office report last week that said some commercial aircraft may be vulnerable to hacking over their onboard wireless networks.
"Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems," its report found.
Roberts' lawyer said United gave him no detailed explanation Saturday why he wasn't allowed on the plane, saying instead the airline would be sending Roberts a letter within two weeks stating why they wouldn't let him fly on their aircraft.
"Given Mr. Roberts' claims regarding manipulating aircraft systems, we've decided it's in the best interest of our customers and crew members that he not be allowed to fly United," airline spokesman Rahsaan Johnson told The Associated Press. "However, we are confident our flight control systems could not be accessed through techniques he described."
"We made this decision because Mr. Roberts has made comments about having tampered with aircraft equipment, which is a violation of United policy and something customers and crews shouldn't have to deal with," Johnson added.
Johnson said the airline reached Roberts several hours before his flight to tell him he couldn't fly. But a lawyer for Roberts said Sunday that when his client received that call, the caller would only say he or she was from United, and wouldn't give Roberts a name or callback number. When Roberts then tried calling the number back from his phone's caller ID, it rang instead to a resort hotel, and Roberts assumed it was a prank call, Roberts' lawyer said.
The Associated Press contributed to this report.
Front page image via Shutterstock.