By Evarist Chahali, UJASUSI BLOG 22 February 2024
On 19 February 2024, unknown assailants, and possible Houthi (Ansarallah) hackers, targeted an airplane flying from Thailand to Israel in a cyberjacking attack near Somalia. The hackers successfully imitated the signal of the Aircraft Telecommunications and Information Services Unit (ATSU) server, which transmits ground data, and manipulated it to convey false information about changes in course.
The pilots received instructions via the communication system that diverted them from their standard route. The crew adhered to safety protocols and chose to disobey the unusual order. They promptly contacted air traffic controllers using an alternative radio frequency, discovering that they were being misled.
This incident strongly suggests a potential cyberjacking attack on the communication system, with suspicions pointing toward Houthi (Ansarallah) involvement. If true, that the Houthis were behind the cyberjacking it would not only be a notable escalation in tactics but also a notable escalation in capabilities.
Although the Houthis are the primary suspects, a group operating in the breakaway Somaliland region of Somalia could also be responsible. Reports indicate ongoing communication disruptions in Somalia throughout the week, not exclusive to El Al planes, prompting official authorities to instruct pilots to disregard instructions in case of frequent disruptions and switch to alternative communication methods.
Notably, Israeli media reported another incident of ‘cyberjacking’ targeting an El Al flight the previous week. Despite the airline’s assurance that their planes are not directly targeted, the events on Saturday are raising concerns about potential security incidents.
This incident underscores the urgent need for enhanced security measures in the aviation sector, emphasizing the potential economic repercussions and disruptions to international trade caused by such cyber threats. The Houthi’s strategic focus on soft commercial targets contributes to increased costs and uncertainties associated with transiting through the Suez Canal. Despite their limited capability to inflict casualties, their commitment to disrupting trade remains a significant concern, impacting economic stability
This attack specifically aimed at compromising the Aircraft Communications Addressing and Reporting System (ACARS) data transmission system, a notably susceptible component, raising serious concerns about the vulnerability of aviation systems to cyber threats.
The attackers intended to bring the aircraft with a range of air defence systems or force a landing in Yemen with the potential goal of capturing it, putting the safety of the 250 passengers on board a risk.
Leave a Reply
You must be logged in to post a comment.