The Boeing aviator and its security flaws: the safety of civilian and military aircraft
For some time now, Boeing has been criticized for the inadequacies in the safety of its aircraft.
At the aviator, it is clearly criticized for not sufficiently or properly protecting the computer systems connected to the operation of its aircraft.
This article will also interest you: Airbus, victim of repeated computer attack
In addition, problems revealed about Boeing's security technical failures affect even the company's warships, which are also limited to civilian aircraft. It is said and known in view of the year 2019, catastrophic it will be considered, in the history of the aviation company, the "annus horribilis". In addition to the industrial disaster that represents its model 737 max, which was grounded by several countries, after the safety problems experienced by this aircraft, causing the result 2 air crashes, only in the space of 2 months and now that november 5 it was published an article on the online magazine CSO, the content of which can prove quite disastrous for the image of the aircraft manufacturer. In the famous article it was highlighted that the safety of information systems embedded in Boeing aircraft are only below the required standard. Computer security expert Chris Kubecka said the man at the heart of the article tried to lay bare Boeing's security shortcomings at the Cyber Security Aviation conference.
He asserts in this context that american society has not been diligent in the formation of its security system. For him, securing Boeing's aircraft systems is quite inadequate. And even worse, according to his always say the company tried to stifle the case by trying to silence him. He may then have been threatened by Boeing, which promised him legal action in case he gave himself this information: "If I see a broken door on a plane, I wouldn't be in trouble when I reported that the plane was flying anyway. But as a security researcher, it's legally difficult to report security vulnerabilities," she told the magazine.
The aircraft manufacturer, for its part, of course denies all the researcher's claims. however, he mentioned that he had contacted the latter to present what are called responsible disclosure procedures that are required in relation to computer security. This framework has been defined to facilitate the transmission of certain information deemed too sensitive to be exposed to the general public without thinking about the long-term consequences, public disclosure which must of course wait a reasonable period of time.
It should be noted that according to Chris Kubecka, it is clear that: Boeing's Internet infrastructure, web applications and e-mail in general do not appear to have been tested basic security or generally accepted." His criticism is supported by the journalist, J.Mr. Porup, in the origin of the article on the online magazine CSO according to him: "An assailant who accesses the software that makes the planes work can not only fly this code — to recover intellectual property, as does China — but it can also change that code to do what it wants. Like causing a malfunction at a critical time."
For its part, the aircraft manufacturer does accept the criticisms made by the researcher in a press release that will be addressed to the online magazine. he acknowledges the vulnerabilities that have been raised and regrets, while affirming her willingness to address these shortcomings: "We sincerely appreciate Ms. Kubecka's time and efforts, and we take seriously the concerns she has raised, as we continually work to improve the cybersecurity of our computer systems and products. The security issues addresse[…]d are, without exception, common vulnerabilities – the kind of cyber hygiene concerns that thousands of companies face every day."
Now access an unlimited number of passwords: