Rep. John Katko to FAA: Take steps to prevent cyberattacks on airplanes

Katko1-on airport security image

U.S. Rep. John Katko is calling on the Federal Aviation Administration to address concerns that airplanes are vulnerable to cyberattacks after a Government Accountability Office report found a hacker could access the plane’s controls using its wireless Internet system. 

The GAO report said the FAA has taken action to protect its air traffic control systems, but the agency will continue to face challenges because it hasn’t implemented a model to help identify cybersecurity threats. And while the GAO acknowledges that the FAA has taken some steps to develop such a model, it hasn’t dedicated the funding or time needed to finalize the plan.

A co-requester of the report, Katko, R-Camillus, said GAO’s findings are “troubling.”

“This report exposes an enormous vulnerability in our system — that any traveler could gain unauthorized access to cockpit avionics systems from the cabin,” Katko, chairman of the House Homeland Security Subcommittee on Transportation Security, said in a statement.

“Nearly 14 years since 9/11, terrorists have adapted both to our airport security protocols and to the modern communication systems used in aircraft systems, requiring us to be agile and resourceful in ensuring airport and in-flight security.”

In its report, the GAO recommended that the FAA should assess the cost and time needed to develop a cyberthreat model and add the Office of Aviation Safety to the agency’s Cyber Security Steering Committee.

The GAO also advised that the FAA should develop a plan to implement revisions to federal cybersecurity standards.

“In light of the significant threats we face, I urge FAA to quickly implement the GAO’s latest recommendations to eliminate these vulnerabilities and prevent cyberattacks on aircrafts in flight,” Katko said.

According to the report, the FAA agreed to two of the recommendations. But the agency said the Office of Aviation Safety “is sufficiently involved in cybersecurity” and won’t be added to its Cyber Security Steering Committee.


Henry Sapiecha

Leave a Reply

Your email address will not be published. Required fields are marked *