One of the world’s foremost experts on counter-threat intelligence
within the cybersecurity industry, who blew the whistle on
vulnerabilities in airplane technology systems in a series of recent Fox
News reports, has become the target of an FBI investigation himself.
Chris Roberts of the Colorado-based One World Labs
, a security
intelligence firm that identifies risks before they're exploited, said
two FBI agents and two uniformed police officers pulled him off a United
Airlines Boeing 737-800 commercial flight Wednesday night just after it
landed in Syracuse, and spent the next four hours questioning him about
cyberhacking of planes.
The FBI interrogation came just hours after Fox News published a
report
on Roberts’ research, in which he said: “We can still take planes out
of the sky thanks to the flaws in the in-flight entertainment systems.
Quite simply put, we can theorize on how to turn the engines off at
35,000 feet and not have any of those damn flashing lights go off in the
cockpit.”
His findings, along with those of another security expert quoted in
the Fox News reports, were backed up a GAO report released Tuesday.
“If you don’t have people like me researching and blowing the whistle
on system vulnerabilities, we will find out the hard way what those
vulnerabilities are when an attack happens,” Roberts said.
With increasingly sophisticated attacks on a number of targets,
Roberts has consulted with numerous government and private clients to
identify threats to financial and intellectual property, customer data
and other protected information. He also has served as both an in-house
security expert and consultant on IT security, engineering and
architecture and design operations for scores of Fortune 500 companies
across the finance, retail, energy and services sectors.
He regularly engages with various government agencies on critical
security issues of national importance. Ironically, Roberts met with the
FBI at the agency’s request three times after the agency asked for his
guidance on protecting airplanes from cyberhackers.
Wednesday night, FBI agents confiscated Roberts’ numerous electronic
devices and computer files including his laptop and thumb drives and
demanded he give them access to his data. They wanted to forensically
image his laptop, but it is a company-owned asset with client
information, research and intellectual property, some of which is
sensitive in nature and encrypted.
So after consulting with his CEO, Roberts told the agents they would need a warrant, something they still have not presented.
FBI agents disclosed to Roberts that they also had questioned fellow
passengers and forensically examined the plane to determine if any areas
had been tampered with.
“You have one element in the FBI reaching out to people like me for
help, but another element doing a hell of a job burning those bridges,”
Roberts said. “Those of us who do threat research are doing it for the
right reasons, and we work to build relationships with the intelligence
community because we want to help them identify weaknesses before they
become a problem.”
Roberts flew from Denver to Chicago to Syracuse at the invitation of a
defense contractor to speak an aerospace conference about
vulnerabilities in airplane systems, a topic Roberts commented on for
Fox News in late March, when he said commercial and even military planes
have an Achilles heel that could leave them vulnerable to hackers or
terrorists on the ground due to flaws in the entertainment and satellite
communications systems.
Roberts’ findings were featured on
FoxNews.com, on Fox News Radio and on the Fox News show "
On the Record with Greta Van Susteren" on March 19, 2015, and again on April 15, 2015.
Ruben Santamarta, principal security consultant for IOActive, told
Fox News he also discovered a backdoor that allowed him to gain
privileged access to the Satellite Data Unit, the most important piece
of SATCOM (Satellite communications) equipment on aircraft.
“These vulnerabilities allowed unauthenticated users to hack into the
SATCOM equipment when it is accessible through WiFi or In-Flight
entertainment networks,” Santamarta said.
There are “multiple high risk vulnerabilities” such as weak
encryption algorithms or insecure protocols in SATCOM technologies
manufactured by some of the world’s largest companies, Santamarta found.
“These vulnerabilities have the potential to allow a malicious actor
to intercept, manipulate or block communications, and in some cases, to
remotely take control of the physical device,” Santamarta reported.
The Government Accountability Office also presented a series of
threatening scenarios for passengers, saying the same Internet access
now available on most commercial flights makes it possible for hackers
to bring down a plane in a report published Tuesday.
"According to cybersecurity experts we interviewed, Internet
connectivity in the cabin should be considered a direct link between the
aircraft and the outside world, which includes potential malicious
actors," the GAO report states.
The worst-case scenario is a terrorist with a laptop sitting among
passengers and taking control of the airplane using its passenger Wi-Fi,
said Rep. Peter DeFazio, D-Ore., a member of the House Transportation
and Infrastructure Committee who requested the investigation.
"That's a serious vulnerability, and FAA should work quickly" to fix the problem, DeFazio told the Associated Press.
Roberts isn’t sure what will happen next. He had to make his
presentation to the defense industry Thursday in Syracuse without his
electronics. Friday morning, he was scheduled to fly back to Denver,
something he hopes he will be allowed to do. He already has been
pre-checked through TSA, another irony he pointed out.
“The TSA has already dug into my background and cleared me for the
pre-check program,” Roberts said, noting several other government
agencies he’s worked with have done the same.
Paul Bresson, the Unit Chief for the FBI National Press Office at the
FBI headquarters in Washington D.C., said in response to a Fox News
inquiry about the Roberts’ detainment: “We have no comment on this
matter.”