Ruben Santamarta, an industrial network security expert from IOActive, found multiple security vulnerabilities in the firmware of the core network components of the Boeing 787. He said that hackers can use these vulnerabilities to remotely access the aircraft’s network information system module.
Santamarta also found that some fully unprotected servers used to communicate with Boeing 787 aircraft were exposed on public networks. Hackers may take the opportunity to attack these servers and enter the aircraft’s internal network.
According to Santamarta, it is still unclear how much risk these vulnerabilities pose because his research is conducted in an experimental environment. Santamarta said that the Boeing 787 must be verified to determine the severity of the vulnerability. Boeing has removed firmware files exposed to the public network and stated that existing measures can protect against the attacks mentioned in Santamarta’s report.