Was MH370 Hijacked thru Remote Access to its Computer System?
April 24, 2014
John Byers: You said they intend to bring this down in the middle of New York City? Bert Byers: (Nods "yes") John Byers: What if there is no bomb? Bert Byers: Well how are they going to bring it down? John Byers: The same way a dead man can drive a car. - Dialogue between passengers on a plane that has been remotely hijacked and is being flown into the World Trade Center, "The Lone Gunmen" (pilot episode), Fox TV, March 4, 2001
Was the missing Malaysia Airlines Flight 370 hijacked by remote access to its vulnerable computer systems? The evidence suggests this is the most probable explanation, although it is not discussed in the mainstream media.
The unexplained disappearance of Malaysia Airlines Flight 370 raises a question that is seldom discussed in the mainstream media: Was MH370 hijacked by criminals who hacked into the plane’s computerized flight system and took over complete control of the plane, leaving the pilots incommunicado and unable to do anything?
Such a scenario would explain how the plane was abruptly diverted from its flight path to Beijing and why there were no further communications from the cockpit, apart from an attempted mobile phone call from the co-pilot as the plane flew over Penang. This makes no sense unless we consider that the normal communication channels between the plane and the ground had been disabled and the plane was being flown by unknown pilots who had gained access to the plane's computer system from a remote location, either on the ground or from another plane. This would explain why the co-pilot made a “desperate” attempt to communicate with the ground using his mobile phone. The attempted call was not completed because the plane soon flew out of range of the Penang transmitting station, but it is an important clue to what happened to the plane. The pilots were not the criminals; they were the victims of a computer hijacking that took over control of their plane.
There is a fundamental problem with modern cars and planes: their computerized systems can be hacked into by a remote “super-user” who can take complete control of the vehicle or aircraft leaving the driver or pilot utterly helpless. In this way a modern car or plane can be remotely hijacked and destroyed.
The ability to hijack cars and planes and turn them them into remotely-controlled drones by removing the control from the driver or pilot was the subject of the pilot episode of “The Lone Gunmen”, which aired on Rupert Murdoch’s FOX Network on March 4, 2001. This 44-minute program is well worth watching because it shows a great deal of prescience in how this technology could be used in an attack on the World Trade Center using passenger aircraft, which is what happens during the climax in the final minutes of the show.
CNN has also done a short report on the capability of ground-based pilots to take over control of an aircraft so that the pilots are completely prevented from doing anything to regain control the plane. In the CNN piece this technology is presented solely as a tool to prevent a hijacker from taking control of the plane from the cockpit. The idea that this technology could be used to hijack a plane by a remote pilot is not even mentioned in the CNN piece. Why would they ignore this obvious danger?
The Federal Aviation Administration (FAA) recently addressed the computer vulnerability of the Boeing 777 aircraft to external threats that could hijack a plane like the missing Malaysia Airlines Flight 370 using remote access to its computer flight system. In a ruling published in the Federal Register on November 18, 2013, the FAA put into effect “special conditions” to address the vulnerability of the computer systems on various Boeing 777 aircraft, including the type that was Malaysia Airlines MH370.
The following excerpts are from the FAA ruling, entitled “Special Conditions: Boeing Model 777-200, -300, and -300ER Series Airplanes; Aircraft Electronic System Security Protection From Unauthorized External Access”:
These special conditions are issued for the Boeing Model 777-200, -300, and-300ER series airplanes. These airplanes, as modified by The Boeing Company, will have novel or unusual design features associated with the architecture and connectivity capabilities of the airplane's onboard network computer systems, which may allow access to or by external computer systems and networks…
Connectivity to, or access by, external systems and networks may result in security vulnerabilities to the airplane's onboard network system. The applicable airworthiness regulations do not contain adequate or appropriate safety standards for this design feature.
The Model 777-200, -300, and -300ER series airplanes have fly-by-wire controls, software-configurable avionics, and fiber-optic avionics networks.
The proposed architecture is novel or unusual for commercial transport airplanes by enabling connection to previously isolated data networks connected to systems that perform functions required for the safe operation of the airplane. This proposed data network and design integration may result in security vulnerabilities from intentional or unintentional corruption of data and systems critical to the safety and maintenance of the airplane.
The architecture and network configuration in the Boeing Model 777-200, -300, and-300ER series airplanes may enable increased connectivity to, or access by, external airplane sources, airline operations, and maintenance systems to the aircraft control functions and airline information services. The aircraft control functions and airline information services perform functions required for the safe operation and maintenance of the airplane. Previously these domains had very limited connectivity with external sources. The architecture and network configuration may allow the exploitation of network security vulnerabilities resulting in intentional or unintentional destruction, disruption, degradation, or exploitation of data, systems, and networks critical to the safety and maintenance of the airplane.
The existing regulations and guidance material did not anticipate these types of airplane system architectures. Furthermore, 14 CFR regulations and current system safety assessment policy and techniques do not address potential security vulnerabilities, which could be exploited by unauthorized access to airplane systems, data buses, and servers. Therefore, these special conditions are issued to ensure that the security (i.e., confidentiality, integrity, and availability) of airplane systems is not compromised by unauthorized wired or wireless electronic connections.
Because the vulnerability of the Boeing 777 computer system goes right to the question of what happened to MH370, I contacted the author of the ruling, Jeffrey E. Duven of the FAA’s Aircraft Certification Service in Renton, Washington, and asked him the following questions:
The document uses the verb will, suggesting that this is a problem for the future. Is this vulnerability not a problem for all Boeing 777s of the 200 and 300 ER categories?
Could this vulnerability have been a factor in the hijacking of the missing Malaysia Airlines MH370, which the New York Times described as a computer hijacking in which the codes had been changed?
What is the legal status of the FAA rule regarding these problems on the Boeing 777 aircraft?
Duven told me to contact Allen Kenitzer, a public affairs specialist with the FAA. Kenitzer responded to my questions with a written statement:
We apply special conditions when the existing standards do not contain adequate or appropriate safety standards for new or novel design features. With the evolution of network technology, the FAA has been issuing special conditions to establish the appropriate standards to protect aircraft systems and networks from intentional, or unintentional, unauthorized access. The more recent special conditions issued for the 777 are not unique in this regard. We have not issued these special conditions as the result of any known vulnerabilities but rather to address new, recently-certified design features.